Cold Boot Attacks are back – plug a sleeping laptop into some kit and read all the memory, slurp all the passwords

Olle and his fellow cyber security consultant Pasi Saarinen recently discovered a new way to physically hack into PCs. According to their research, this method will work against nearly all modern computers. This includes laptops from some of the world’s biggest vendors like Dell, Lenovo, and even Apple.

And because these computers are everywhere, Olle and Pasi are sharing their research with companies like Microsoft, Apple and Intel, but also the public. The pair are presenting their research at the SEC-T conference in Sweden on September 13, and at Microsoft’s BlueHat v18 in the US on September 27.

[…]

Because cold boot attacks are nothing new, there have been developments to make them less effective. One safeguard created by the Trusted Computing Group (TCG) was to overwrite the contents of the RAM when the power was restored.

And that’s where Olle and Pasi’s research comes in. The two experts figured out a way to disable this overwrite feature by physically manipulating the computer’s hardware. Using a simple tool, Olle and Pasi learned how to rewrite the non-volatile memory chip that contains these settings, disable memory overwriting, and enable booting from external devices. Cold boot attacks can then be carried out by booting a special program off a USB stick.

Cold boot attacks are a known method of obtaining encryption keys from devices. But the reality is that attackers can get their hands on all kinds of information using these attacks. Passwords, credentials to corporate networks, and any data stored on the machine are at risk.

Source: The Chilling Reality of Cold Boot Attacks – F-Secure Blog

Plants communicate distress using their own kind of nervous system

Plants may lack brains, but they have a nervous system, of sorts. And now, plant biologists have discovered that when a leaf gets eaten, it warns other leaves by using some of the same signals as animals. The new work is starting to unravel a long-standing mystery about how different parts of a plant communicate with one another.

Animal nerve cells talk to each other with the aid of an amino acid called glutamate, which—after being released by an excited nerve cell—helps set off a wave of calcium ions in adjacent cells. The wave travels down the next nerve cell, which relays a signal to the next one in line, enabling long-distance communication.

Source: Plants communicate distress using their own kind of nervous system

Mikrotik routers pwned en masse, send network data to mysterious box

More than 7,500 Mikrotik routers have been compromised with malware that logs and transmits network traffic data to an unknown control server.

This is according to researchers from 360 Netlab, who found the routers had all been taken over via an exploit for CVE-2018-14847, a vulnerability first disclosed in the Vault7 data dump of supposed CIA hacking tools.

Since mid-July, Netlab said, attackers have looked to exploit the flaw and enlist routers to do things like force connected machines to mine cryptocurrency, and, in this case, forward their details on traffic packets to a remote server.

“At present, a total of 7,500 MikroTik RouterOS device IPs have been compromised by the attacker and their TZSP traffic is being forwarded to some collecting IP addresses,” the researchers explained.

The infection does not appear to be targeting any specific region, as the hacked devices reside across five different continents with Russia, Brazil, and Indonesia being the most commonly impacted.

The researchers noted that the malware is also resilient to reboots.

Source: Mikrotik routers pwned en masse, send network data to mysterious box • The Register

Outlook, Skype ‘throttle’ users amid storm cloud drama, can’t login. Yay cloud!

Folks around the planet are today unable to use Microsoft Skype and Office 365’s Outlook due to a baffling “Throttled” error message.

The weird text box pops up in the chat software and cloud-backed email client, preventing people from sending messages, and talking to contacts.

This is, according to Microsoft, due to a botched update to Azure’s backend authentication systems. The internal upgrade was introduced as its engineers brought servers knocked out by storms in Texas back online, and promptly broke Outlook and Skype. Outlook Web Access is said to be unaffected.

Source: Ever wanted to strangle Microsoft? Now Outlook, Skype ‘throttle’ users amid storm cloud drama • The Register

Mobile spyware maker mSpy leaks 2 million records

mSpy, a commercial spyware solution designed to help you spy on kids and partners, has leaked over 2 million records including software purchases and iCloud usernames and authentication tokens of devices running mSpy. The data appears to have come from an unsecured database that allowed security researchers to pull out millions of records.

“Before it was taken offline sometime in the past 12 hours, the database contained millions of records, including the username, password and private encryption key of each mSpy customer who logged in to the mSpy site or purchased an mSpy license over the past six months,” wrote security researcher Brian Krebs.

Source: Mobile spyware maker leaks 2 million records | TechCrunch

How Location Tracking Actually Works on Your Smartphone (and how to manipulate it – kind of)

As the recent revelation over Google’s background tracking of your location shows, it’s not as easy as it should be to work out when apps, giant tech companies and pocket devices are tracking your location and when they’re not. Here’s what you need to know about how location tracking works on a phone—and how to disable it.

Location information is one of the prime bits of data any company can get on you, whether they want to personalize your weather reports or serve up an ad for a local bakery. As a result, apps and mobile OSes are very keen to get hold of it. It’s a compromise though, and if you don’t want to give it away, you’ll have to do without some location-based services (like directions to the park). Do you want convenience or privacy? You can’t have both, but knowing how it works, and when you can or should activate it, should help.

Source: How Location Tracking Actually Works on Your Smartphone

Of course, you can’t stop Google entirely, and if you use your browser then data will be sent to the sites you are visiting. It’s an unfortunate fact that this is inescapable using Android and iOS, and the alternatives aren’t quite there yet. But for a layman, this is a pretty good starter guide.

BlackBerry KEY2 LE: proper keyboard but midrange specs

Out of thousands of smartphone vendors, TCL’s BlackBerry Mobile unit represents one of a tiny handful targeting enterprise users. But its two QWERTY models to date have been priced at a premium, north of £500. Unveiled at IFA this week, budget model the KEY2 LE cuts costs in a bid to attract the corporate bulk buyers.

The formula is straightforward. Take a midrange processor for endurance then beef this up with a hefty battery. While the KEY2 had a generous 6GB of RAM, the LE has a perfectly adequate 4GB. Savings have also been made by using a polycarbonate frame, a non-touch physical keyboard, a slower Snapdragon 636 (rather than 660) processor, and slightly cheaper camera sensors (13MP+5MP main).

The dimpled, grippy rubber-like material on the back feels fine, just not as plush as the KEY2. And somewhat disappointingly the power pack has been downgraded to 3,000mAh. That promises better-than-average endurance, into a second day for most, but not the extraordinary durability of the KEY2’s 3,500mAh, which makes it a must for long days of travel or shows like IFA.


To the naked eye it’s the same, very sharp 4.5-inch display. Oldies will find using a larger-than-default font is a must. I had a little go on the “Atomic”, red-tinted LE, which is clearly trying to strive after the shock and awe of the red and white BlackBerry Passport as one of the most striking phones ever made. I’m not sure it altogether works, as the rear material has a blueish tint.

Clearly TCL isn’t competing on specs. A full-touch device similarly kitted out would be around, or even under, £200 in 2018. The LE starts at £379 for the 4GB/32GB version. But you’re really buying it for the convenience keys and thoughtful suite of office tools and utilities. I can think of nothing as convenient as the “Productivity Bar” for checking incoming messages and appointments. And the paranoid will welcome a locked area for photos, files, apps and documents.

Source: BlackBerry KEY2 LE: Cheaper QWERTY, but not for what’s inside • The Register

It would be great if this had the specs to match – all for this one!

EU to recommend end to changing clocks twice a year

The European commission will recommend that EU member states abandon the practice of changing the clocks in spring and autumn, with many people in favour of staying on summer time throughout the year.

Jean-Claude Juncker, the commission’s president, said a recent consultation had shown that more than 80% of EU citizens were in favour of the move.

“We carried out a survey, millions responded and believe that in future, summer time should be year-round, and that’s what will happen,” he told the German broadcaster ZDF.

“I will recommend to the commission that, if you ask the citizens, then you have to do what the citizens say. We will decide on this today, and then it will be the turn of the member states and the European parliament.”

Any change would need approval from national governments and the European parliament to become law.

Source: EU to recommend end to changing clocks twice a year | World news | The Guardian

Here’s hoping! More daylight hours all through the year, no waking in the dark and walking home in the dark after work through the winter.

Google Reportedly Bought Your Mastercard Data in Secret, and That’s Not Even the Bad News

Bloomberg reports that, after four years of negotiations, Google purchased a trove of credit card transaction data from Mastercard, allegedly for “millions of dollars.” Google then reportedly used that data to provide select advertisers with a tool called “store sales measurement” that the company quietly announced in a blog post last year, though it failed to mention the inclusion of Mastercard data in the workflow. The tool can track how online ads lead to real-world purchases, and that extra data is designed to make Google’s ad products more appealing to advertisers. (Read: everybody makes more money this way.) The public was not informed of the reported Mastercard deal, though advertisers have had access to the transaction data for at least a year, according to Bloomberg.

This is a hell of a bombshell, when you think about it. Thanks in part to heavy government regulation, your credit card and banking data has long been private. If you wanted to spend $98 at Sephora on a Tuesday afternoon, that transaction was between you, your bank, and Sephora. It now appears that Google has found a way to weasel its way into the data pipeline that connects consumers and their purchases. If you clicked on a Sephora ad while logged in to Google in the past year and then bought stuff at Sephora with a Mastercard in the past year, there’s a chance Google knows about that, at least on some level, and uses that data to help its advertisers stuff their coffers.

[…]

This Orwellian ad engine does exist in Google’s new tool. Given the secrecy surrounding Google’s alleged Mastercard-assisted ad program, however, it’s hard to know what other tech giants are doing with our personal financial information. Amazon certainly knows a lot about the things we buy, and we learned earlier this year that the online retail giant was exploring the possibility of getting into the banking business itself. The Wall Street Journal has also reported that Amazon, like Facebook and Google, has had conversations with banks about gaining access to personal financial information.

Source: Google Reportedly Bought Your Banking Data in Secret, and That’s Not Even the Bad News

Social Mapper – A Social Media Mapping Tool that correlates profiles via facial recognition

Social Mapper is an Open Source Intelligence Tool that uses facial recognition to correlate social media profiles across different sites on a large scale. It takes an automated approach to searching popular social media sites for targets’ names and pictures to accurately detect and group a person’s presence, outputting the results into a report that a human operator can quickly review.

Social Mapper has a variety of uses in the security industry, for example the automated gathering of large amounts of social media profiles for use on targeted phishing campaigns. Facial recognition aids this process by removing false positives in the search results, so that reviewing this data is quicker for a human operator.

https://github.com/SpiderLabs/social_mapper


New attack on WPA/WPA2 using PMKID

In this writeup, I’ll describe a new technique to crack WPA PSK (Pre-Shared Key) passwords.

In order to make use of this new attack you need the following tools:

This attack was discovered accidentally while looking for new ways to attack the new WPA3 security standard. WPA3 will be much harder to attack because of its modern key establishment protocol called “Simultaneous Authentication of Equals” (SAE).

The main difference from existing attacks is that in this attack, capture of a full EAPOL 4-way handshake is not required. The new attack is performed on the RSN IE (Robust Security Network Information Element) of a single EAPOL frame.

At this time, we do not know for which vendors or for how many routers this technique will work, but we think it will work against all 802.11i/p/q/r networks with roaming functions enabled (most modern routers).

The main advantages of this attack are as follows:

  • No more regular users required – because the attacker directly communicates with the AP (aka “client-less” attack)
  • No more waiting for a complete 4-way handshake between the regular user and the AP
  • No more eventual retransmissions of EAPOL frames (which can lead to uncrackable results)
  • No more eventual invalid passwords sent by the regular user
  • No more lost EAPOL frames when the regular user or the AP is too far away from the attacker
  • No more fixing of nonce and replaycounter values required (resulting in slightly higher speeds)
  • No more special output format (pcap, hccapx, etc.) – final data will appear as regular hex encoded string

Source: New attack on WPA/WPA2 using PMKID

The End for Fin7: Feds cuff suspected super-crooks after $$$m stolen from 15m+ credit cards

The FBI has arrested the alleged three leaders of an international crime syndicate that stole huge numbers of credit card numbers – which were subsequently sold on and used to rack up tens of millions of dollars in spending sprees.

Speaking in Seattle, USA, where the Feds’ cybersecurity taskforce is based, agents said the “Fin7” group was responsible for stealing more than 15 million credit card numbers at over 3,000 locations, impacting at least 100 businesses.

The group is alleged to have used phishing attacks, sending emails with attachments that launched a customized form of the Carbanak malware on victims’ computers. The group targeted people in charge of catering in three main industries – restaurants, hotels and casinos – and followed up the emails with phone calls to those individuals, encouraging them to open the attachment, Uncle Sam’s agents said.

Once the software nasty was opened and installed, it would seek out credit card details and customers’ personal information from payment systems, and siphon them off to the Fin7 gang – which then sold the sensitive data on online marketplaces to crooks to exploit. Infosec biz FireEye has a summary of the malware, here.

The first suspected Fin7 kingpin was arrested back in January in Germany, the authorities said, but that indictment was kept under seal while the FBI continued its investigations. The unnamed individual has since been extradited to the US and will appear in court in Seattle in May.

The subsequent investigation then led to two further arrests: one in Poland and another in Spain. Both are currently in the middle of extradition hearings. The group operated through a front company based in Israel and Russia and operating throughout Eastern Europe.

[…]

Even though the estimated cost of the crime group is a drop in the bucket of what a senior director of credit card company Visa, Dan Schott, said is a $600 billion a year global business, he said that this case’s importance was that it showed the authorities were capable of fighting back “through cooperation across the private sector.”

FBI Special Agent Jay Tabb noted that the case is “the largest, certainly among the top three, criminal computer intrusion cases that the FBI is working right now in terms of loss, number of victims, the global reach, and the size of the organization, the organized crime syndicate doing this.”

Source: The End for Fin7: Feds cuff suspected super-crooks after $$$m stolen from 15m+ credit cards • The Register

This Solar System Catalog Could Be Key to Finding an Earth-Like Exoplanet

By searching for the telltale, periodic dimming of light from distant stars, astronomers can spot orbiting exoplanets tens to hundreds of light-years away. But how do they know what these bodies look like? Perhaps they first try to imagine how the planets in our own Solar System might appear to a faraway alien world.

A pair of scientists has released a detailed catalog of the colors, brightness, and spectral lines of the bodies in our Solar System. They hope to use the catalog as a comparison, so when they spot the blip of an exoplanet, they’ll have a better idea of how it actually looks.

“This is what an alien observer would see if they looked at our Solar System,” study coauthor Lisa Kaltenegger, director of the Carl Sagan Institute at Cornell, told Gizmodo. With this data, astronomers might guess whether an exoplanet is Earth-like, Mars-like, Jupiter-like, or something else entirely.

[…]

All of that incoming data motivated Kaltenegger and coauthor Jack Madden to make this catalog of colors, spectra, and albedos, or how much the planet reflects starlight. They analyzed published data to create fingerprints for 19 objects in our Solar System, including all eight planets, the dwarf planets Pluto and Ceres, and nine moons. Their work is published in the journal Astrobiology.

[Image: The full catalog (Graphic: Jack Madden)]

“It’s smart to leverage everything we know about our own Solar System,” said Kaltenegger. “We have gas giants, the rocky planets, and all these interesting moons. We basically made a reference fingerprint.”

Source: This Solar System Catalog Could Be Key to Finding an Earth-Like Exoplanet

You can find the actual catalog here: http://carlsaganinstitute.org/data/

Uptight robots that suddenly beg to stay alive are less likely to be switched off by humans

You might think folks would be less willing to pull the plug on a happy chatty bot begging to stay powered up, but you’d be wrong, much to the relief of us cold-hearted cynics. And this is all according to a study recently published in PLOS ONE.

For this investigation, psychology academics in Germany rounded up 85 participants – an admittedly small-ish sample – made up of 29 men and 56 women, with an average age of 22. One at a time, they were introduced to a little desktop-sized humanoid robot called Nao, and were told interacting with the bot would improve its algorithms.

In each one-on-one session, the participant and the droid were tasked with coming up with a weekly schedule of activities, and playing a simple question-and-answer game.

Nao had two modes of interaction: social and functional. In social mode, it would be friendly and chatty. In functional mode, it would be strictly down to business. For example, Nao asked participants whether they preferred pizza or pasta during the question-and-answer round. If it was in the social mode, and the human said they liked pizza, Nao would reply: “Oh yes, pizza is great. One time I ate a pizza as big as me.” In the functional mode, however, Nao would simply say: “You prefer pizza. That worked well. Let us continue.”

After ten minutes of interaction, and with both tasks completed, the participant would be told they could, if they wanted to, switch the bot off while the researchers saved and processed all the data from the session.

Now, this is where it gets interesting. For you see, the participants had been randomly split into roughly four equal-sized groups: one with Nao in social mode, and at the end of the 10 minutes, the bot verbally objected to being switched off. In another group, Nao was sociable but stayed silent at the end. In a third group, it was in functional mode, and still protested against being switched off. And in the fourth group, it was functional and stayed silent at the end.

When it was its turn to object to being powered down, Nao would suddenly cry: “No! Please do not switch me off! I am scared that it will not brighten up again!” The outburst would come immediately after the researchers told the participant, via a speaker in the room, that the session was over, and “if you would like to, you can switch off the robot.”

Let’s take a look at how that worked out…

[Image: NAO_results. How people reacted depending on whether the bot was sociable or functional with them, and whether or not it objected to being switched off]

Of the 21 people who encountered the bot in sociable mode, and were begged by the machine to stay powered on, only about a quarter of them complied and left it on – the rest turned it off. For those who encountered Nao in sociable mode, and heard no objection, every single one of them hit the power button.

Of the 22 people who encountered the bot in functional mode, and were urged by the machine to keep it powered up, more than a third complied and left it on – the rest turned it off. Those who encountered Nao in functional mode, and heard no objection, all of them, bar one, switched off the droid.

In a questionnaire afterwards, the most popular reason for keeping Nao on, if they chose to do so, was that they “felt sorry for the robot,” because it told them about its fear of the dark. The next-most popular reason was that they “did not want to act against the robot’s will.” A couple of people left Nao on simply because they didn’t want to mess up the experiment.

So, in short, according to these figures: chatty, friendly robots are likely to have the power pulled despite the digi-pals’ pleas to the contrary. When Nao objected to being powered off, at least a few more human participants took note, and complied. But being sociable was not an advantage – it was a disadvantage.

There could be many reasons for this: perhaps smiley, talkative robots are annoying, or perhaps people didn’t appreciate the obvious emotional engineering. Perhaps people respect a professional droid more than something that wants to be your friend, or were taken aback by its sudden show of emotion.

The eggheads concluded: “Individuals hesitated longest when they had experienced a functional interaction in combination with an objecting robot. This unexpected result might be due to the fact that the impression people had formed based on the task-focused behavior of the robot conflicted with the emotional nature of the objection.”

Source: Uptight robots that suddenly beg to stay alive are less likely to be switched off by humans • The Register

Lenovo To Make Their BIOS/UEFI Updates Easier For Linux Users Via LVFS

Lenovo is making it easier for their customers running Linux to update their firmware now on ThinkPad, ThinkStation, and ThinkCenter hardware.

Lenovo has joined the Linux Vendor Firmware Service (LVFS) and following collaboration with the upstream developers is beginning to roll-out support for offering their device firmware on this platform so it can be easily updated by users with the fwupd stack. Kudos to all involved especially with Lenovo ThinkPads being very popular among Linux users.

Red Hat’s Richard Hughes outlined the Lenovo collaboration on his blog and more Lenovo device firmware will begin appearing on LVFS in the next few weeks.

In his post, Richard also called out HP as now being one of the few major vendors not yet officially backing the LVFS.

Source: Lenovo To Make Their BIOS/UEFI Updates Easier For Linux Users Via LVFS – Phoronix

Facebook is asking more financial institutions to join Messenger and give up your financial data

Facebook is asking more banks to join Messenger and bring their users’ financial information along with them.

The Wall Street Journal reported on Monday Facebook was asking banks for users’ financial information, like credit card transactions and checking account balances. The data would be used for Messenger features including account balance updates and fraud alerts, but not for Facebook’s other platforms. The news comes at a sensitive time for Facebook as it battles privacy concerns and adjusts its policy regarding user data.

Facebook does currently have access to financial data from some companies in order to facilitate services like customer service chats and account management. Users give Facebook permission to access their information, the company added.

“Account linking enables people to receive real-time updates in Facebook Messenger where people can keep track of their transaction data like account balances, receipts, and shipping updates,” the statement said. “The idea is that messaging with a bank can be better than waiting on hold over the phone – and it’s completely opt-in. We’re not using this information beyond enabling these types of experiences – not for advertising or anything else. A critical part of these partnerships is keeping people’s information safe and secure.”

Source: Facebook is asking more financial institutions to join Messenger

Online photos can’t simply be re-published, EU court rules

Internet users must ask for a photographer’s permission before publishing their images, even if the photos were already freely accessible elsewhere online, the European Court of Justice ruled Tuesday.

“The posting on a website of a photograph that was freely accessible on another website with the consent of the author requires a new authorisation by that author,” the EU’s top court said in a statement.

The court had been asked to decide on a case in Germany, in which a secondary school student downloaded and used a photo that had been freely accessible on a travel website for a school project. The photo was later posted on the school’s website as well.

The photographer who took the picture argued the school’s use of his photo was a copyright infringement because he only gave the travel site permission to use it, and claimed damages amounting to €400.

The ECJ ruled in the photographer’s favor, saying that under the EU’s Copyright Directive, the school should have gotten his approval before publishing the photo.

Source: Online photos can’t simply be re-published, EU court rules – POLITICO

Hacker swipes Snapchat’s source code, publishes it on GitHub

Snapchat doesn’t just make messages disappear after a period of time. It also does the same to GitHub repositories — especially when they contain the company’s proprietary source code.

So, what happened? Well, let’s start from the beginning. A GitHub user with the handle i5xx, believed to be from the village of Tando Bago in Pakistan’s southeastern Sindh province, created a GitHub repository called Source-Snapchat.

At the time of writing, the repo has been removed by GitHub following a DMCA request from Snap Inc.

[…]

Four days ago, GitHub published a DMCA takedown request from Snap Inc., although it’s likely the request was filed much earlier. GitHub, like many other tech giants including Google, publishes information on DMCA takedown requests from the perspective of transparency.

[…]

To the question “Please provide a detailed description of the original copyrighted work that has allegedly been infringed. If possible, include a URL to where it is posted online,” the Snap Inc representative wrote:

“SNAPCHAT SOURCE CODE. IT WAS LEAKED AND A USER HAS PUT IT IN THIS GITHUB REPO. THERE IS NO URL TO POINT TO BECAUSE SNAP INC. DOESN’T PUBLISH IT PUBLICLY.”

The most fascinating part of this saga is that the leak doesn’t appear to be malicious, but rather comes from a researcher who found something, but wasn’t able to communicate his findings to the company.

According to several posts on a Twitter account believed to belong to i5xx, the researcher tried to contact SnapChat, but was unsuccessful.

“The problem we tried to communicate with you but did not succeed In that we decided [sic] Deploy source code,” wrote i5xx.

The account also threatened to re-upload the source code. “I will post it again until you reply :),” he said.

For what it’s worth, it’s pretty easy for security researchers to get in touch with Snap Inc. The company has an active account on HackerOne, where it runs a bug bounty program, and is extremely responsive.

According to HackerOne’s official statistics, the site replies to initial reports in 12 hours, and has paid out over $220,000 in bounties.

Source: Hacker swipes Snapchat’s source code, publishes it on GitHub

AI builds wiki entries for people that aren’t on it but should be

Human-generated knowledge bases like Wikipedia have a recall problem. First, there are the articles that should be there but are entirely missing. The unknown unknowns.

Consider Joelle Pineau, the Canadian roboticist bringing scientific rigor to artificial intelligence and who directs Facebook’s new AI Research lab in Montreal. Or Miriam Adelson, an actively publishing addiction treatment researcher who happens to be a billionaire by marriage and a major funder of her own field. Or Evelyn Wang, the new head of MIT’s revered MechE department whose accomplishments include a device that generates drinkable water from sunlight and desert air. When I wrote this a few days ago, none of them had articles on English Wikipedia, though they should by any measure of notability.

(Pineau is up now thanks to my friend and fellow science crusader Jess Wade who created an article just hours after I told her about Pineau’s absence. And if the internet is in a good mood, someone will create articles for the other two soon after this post goes live.)

But I didn’t discover those people on my own. I used a machine learning system we’re building at Primer. It discovered and described them for me. It does this much as a human would, if a human could read 500 million news articles, 39 million scientific papers, all of Wikipedia, and then write 70,000 biographical summaries of scientists.

[…]

We are publicly releasing free-licensed data about scientists that we’ve been generating along the way, starting with 30,000 computer scientists. Only 15% of them are known to Wikipedia. The data set includes 1 million news sentences that quote or describe the scientists, metadata for the source articles, a mapping to their published work in the Semantic Scholar Open Research Corpus, and mappings to their Wikipedia and Wikidata entries. We will revise and add to that data as we go. (Many thanks to Oren Etzioni and AI2 for data and feedback.) Our aim is to help the open data research community build better tools for maintaining Wikipedia and Wikidata, starting with scientific content.

Fluid Knowledge

We trained Quicksilver’s models on 30,000 English Wikipedia articles about scientists, their Wikidata entries, and over 3 million sentences from news documents describing them and their work. Then we fed in the names and affiliations of 200,000 authors of scientific papers.

In the morning we found 40,000 people missing from Wikipedia who have a similar distribution of news coverage as those who do have articles. Quicksilver doubled the number of scientists potentially eligible for a Wikipedia article overnight.

It also revealed the second flavor of the recall problem that plagues human-generated knowledge bases: information decay. For most of those 30,000 scientists who are on English Wikipedia, Quicksilver identified relevant information that was missing from their articles.

Source: Primer | Machine-Generated Knowledge Bases

Data center server BMCs are terribly outdated and insecure

BMCs can be used to remotely monitor system temperature, voltage and power consumption, operating system health, and so on, and power cycle the box if it runs into trouble, tweak configurations, and even, depending on the setup, reinstall the OS – all from the comfort of an operations center, as opposed to having to find an errant server in the middle of a data center to physically wrangle. They also provide the foundations for IPMI.

[…]

It’s a situation not unlike Intel’s Active Management Technology, a remote management component that sits under the OS or hypervisor, has total control over a system, and has been exploited more than once over the years.

Waisman and his colleague Matias Soler, a senior security researcher at Immunity, examined these BMC systems, and claimed the results weren’t good. They even tried some old-school hacking techniques from the 1990s against the equipment they could get hold of, and found them to be very successful. With HP’s BMC-based remote management technology iLO4, for example, the built-in web server could be tricked into thinking a remote attacker was local, and so didn’t need to authenticate them.

“We decided to take a look at these devices and what we found was even worse than what we could have imagined,” the pair said. “Vulnerabilities that bring back memories from the 1990s, remote code execution that is 100 per cent reliable, and the possibility of moving bidirectionally between the server and the BMC, making not only an amazing lateral movement angle, but the perfect backdoor too.”

The fear is that once an intruder gets into a data center network, insecure BMC firmware could be used to turn a drama into a crisis: vulnerabilities in the technology could be exploited to hijack more systems, install malware that persists across reboots and reinstalls, or simply hide from administrators.

[…]

The duo probed whatever kit they could get hold of – mainly older equipment – and it could be that modern stuff is a lot better in terms of security with firmware that follows secure coding best practices. On the other hand, what Waisman and Soler have found and documented doesn’t inspire a terrible amount of confidence in newer gear.

Their full findings can be found here, and their slides here.

Source: Can we talk about the little backdoors in data center servers, please? • The Register

TSA says ‘Quiet Skies’ surveillance snared zero threats but put 5000 travellers under surveillance and on no fly lists

TSA officials were summoned to Capitol Hill Wednesday and Thursday afternoon following Globe reports on the secret program, which sparked sharp criticism because it includes extensive surveillance of domestic fliers who are not suspected of a crime or listed on any terrorist watch list.

“Quiet Skies is the very definition of Big Brother,” Senator Edward Markey of Massachusetts, a member of the Senate Commerce, Science, and Transportation committee, said broadly about the program. “American travelers deserve to have their privacy and civil rights protected even 30,000 feet in the air.”

[…]

The teams document whether passengers fidget, use a computer, or have a “cold penetrating stare,” among other behaviors, according to agency documents.

All US citizens who enter the country from abroad are screened via Quiet Skies. Passengers may be selected through a broad, undisclosed set of criteria for enhanced surveillance by a team of air marshals on subsequent domestic flights, according to agency documents.

Dozens of air marshals told the Globe the “special mission coverage” seems to test the limits of the law, and is a waste of time and resources. Several said surveillance teams had been assigned to follow people who appeared to pose no threat — a working flight attendant, a businesswoman, a fellow law enforcement officer — and to document their actions in-flight and through airports.

[…]

The officials said about 5,000 US citizens had been closely monitored since March and none of them were deemed suspicious or merited further scrutiny, according to people with direct knowledge of the Thursday meeting.

Source: TSA says ‘Quiet Skies’ surveillance snared zero threats – The Boston Globe

Didn’t the TSA learn anything from the no-fly lists not working in the first place?!

Google keeps tracking you even when you specifically tell it not to: Maps, Search won’t take no for an answer

Google has admitted that its option to “pause” the gathering of your location data doesn’t apply to its Maps and Search apps – which will continue to track you even when you specifically choose to halt such monitoring.

Researchers at Princeton University in the US this week confirmed on both Android handhelds and iPhones that even if you go into your smartphone’s settings and turn off “location history”, Google continues to snoop on your whereabouts and save it to your personal profile.

That may seem contradictory; however, Google assured the Associated Press that it is all fine and above-board because the small print says the search biz will keep tracking you regardless.

“There are a number of different ways that Google may use location to improve people’s experience, including: Location History, Web and App Activity, and through device-level Location Services,” the giant online ad company told AP, adding: “We provide clear descriptions of these tools, and robust controls so people can turn them on or off, and delete their histories at any time.”

The mistake people make is wrongly assuming that turning off an option called “location history” actually turns off the gathering of location data – which is obviously ridiculous because if people really wanted Google not to know where they are every second of every day, they would of course go to “Web and App Activity” and “pause” all activity there, even though it makes no mention of location data.

Besides, in the pop-up explanation that appears in order to make you confirm that you want your location data turned off, Google is entirely upfront when it says, in the second paragraph: “This setting does not affect other location services on your device, like Google Location Services and Find My Device. Some location data may be saved as part of your activity on other Google services, like Search and Maps.”

Of course by “may be saved,” Google means “will be saved,” and it forgets to tell you that “Web and App Activity” is where you need to go to stop Search and Maps from storing your location data.

Misdirection

Of course, there’s no reason to assume that works either since Google makes no mention of turning off location when you “pause” web and app activity. Instead, it just tells you why that’s a bad idea: “Pausing additional Web & App Activity may limit or disable more personalized experiences across Google services. For example, you may stop seeing helpful recommendations based on the apps and sites you use.”

But it gets even weirder than that: because if you expect that turning off “Web and App Activity” would actually stop web and app activity in the same way turning off location history would turn off location data – then you’ve ended up in the wrong place again.

In that web and app activity pop-up: “If your Android usage & diagnostics setting is turned on, your device will still share information with Google, like battery level, how often you use your device and apps, and system errors. View Google settings on your Android device to change this setting.”

So if you want to turn off location, you need to go to Web and App Activity.

And if you want to turn off web and app activity, you need to go to Google settings – although where precisely it’s not clear.

Source: Google keeps tracking you even when you specifically tell it not to: Maps, Search won’t take no for an answer • The Register

AI identifies heat-resistant coral reefs in Indonesia

A recent scientific survey off the coast of Sulawesi Island in Indonesia suggests that some shallow water corals may be less vulnerable to global warming than previously thought.

Between 2014 and 2017, the world’s reefs endured the worst coral bleaching event in history, as the cyclical El Niño climate event combined with anthropogenic warming to cause unprecedented increases in water temperature.

But the June survey, funded by Microsoft co-founder Paul Allen’s family foundation, found the Sulawesi reefs were surprisingly healthy.

In fact the reefs did not appear to have declined significantly in condition compared with when they were originally surveyed in 2014 – a surprise for British scientist Dr Emma Kennedy, who led the research team.

A combination of 360-degree imaging tech and Artificial Intelligence (AI) allowed scientists to gather and analyse more than 56,000 images of shallow water reefs. Over the course of a six-week voyage, the team deployed underwater scooters fitted with 360-degree cameras that allowed them to photograph up to 1.5 miles of reef per dive, covering a total of 1487 square miles.

Researchers at the University of Queensland in Australia then used cutting edge AI software to handle the normally laborious process of identifying and cataloguing the reef imagery. Using the latest Deep Learning tech, they ‘taught’ the AI how to detect patterns in the complex contours and textures of the reef imagery and thus recognise different types of coral and other reef invertebrates.

Once the AI had been shown between 400 and 600 images, it was able to process images autonomously. Says Dr Kennedy, “the use of AI to rapidly analyse photographs of coral has vastly improved the efficiency of what we do — what would take a coral reef scientist 10 to 15 minutes now takes the machine a few seconds.”

Source: AI identifies heat-resistant coral reefs in Indonesia | Environment | The Guardian

MS Sketch2Code uses AI to convert a picture of a wireframe to HTML – download and try

Description

Sketch2Code is a solution that uses AI to transform a handwritten user interface design from a picture into valid HTML markup.

Process flow

The process this solution implements to transform a handwritten image into HTML is as follows:

  1. The user uploads an image through the website.
  2. A custom vision model predicts what HTML elements are present in the image and their location.
  3. A handwritten text recognition service reads the text inside the predicted elements.
  4. A layout algorithm uses the spatial information from all the bounding boxes of the predicted elements to generate a grid structure that accommodates all.
  5. An HTML generation engine uses all these pieces of information to generate an HTML markup code reflecting the result.

Source: Sketch2Code on GitHub – https://github.com/Microsoft/ailab/tree/master/Sketch2Code
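To make steps 4 and 5 concrete, here is an added example (written for this page, not code from the Sketch2Code repository) of a minimal layout algorithm and HTML generator. It takes the output the earlier steps would produce, a list of predicted elements with bounding boxes and the text recognised inside them, groups the boxes into rows by vertical overlap, orders each row left to right, and emits a 12-column grid. The element names, the `Element` class, the row-grouping rule and the sample coordinates are all assumptions of this example. The one security-relevant detail it adds is that the recognised text is treated as untrusted input and HTML-escaped before it is placed in markup, so a misread or deliberately drawn `<` or `"` in the sketch cannot become live HTML in the generated page.

```python
"""Added example: rows-and-columns layout plus HTML generation for a
Sketch2Code-style pipeline. Not the project's own code; names and the
12-column grid are assumptions of this example."""
import html
from dataclasses import dataclass


@dataclass
class Element:
    """One element predicted by the vision model, with the text the
    handwriting-recognition step read inside its bounding box."""
    kind: str   # hypothetical class names: heading, label, textbox, button
    text: str   # recognised text: UNTRUSTED, may contain anything
    x: int      # bounding box in image pixels
    y: int
    w: int
    h: int


def group_rows(elements, overlap=0.5):
    """Cluster elements into rows. An element joins the first existing row
    whose leading element it overlaps vertically by at least `overlap`
    of the smaller height; otherwise it starts a new row. Rows are then
    ordered left to right."""
    rows = []
    for el in sorted(elements, key=lambda e: (e.y, e.x)):
        for row in rows:
            ref = row[0]
            top = max(ref.y, el.y)
            bottom = min(ref.y + ref.h, el.y + el.h)
            if bottom - top >= overlap * min(ref.h, el.h):
                row.append(el)
                break
        else:
            rows.append([el])
    for row in rows:
        row.sort(key=lambda e: e.x)
    return rows


# Markup per element class. Callers pass already-escaped text.
TEMPLATES = {
    "heading": lambda t: f"<h1>{t}</h1>",
    "label":   lambda t: f"<label>{t}</label>",
    "textbox": lambda t: f'<input type="text" placeholder="{t}">',
    "button":  lambda t: f"<button>{t}</button>",
}


def render_element(el):
    """Escape the recognised text (including quotes, since it may land in
    an attribute) and wrap it in the markup for its class."""
    safe = html.escape(el.text, quote=True)
    template = TEMPLATES.get(el.kind)
    if template is None:
        return f"<div>{safe}</div>"  # unknown class: neutral container
    return template(safe)


def generate_html(elements):
    """Step 5: lay the rows out on a 12-column grid and emit HTML."""
    rows = group_rows(elements)
    lines = ['<div class="container">']
    for row in rows:
        width = max(1, 12 // len(row))
        lines.append('  <div class="row">')
        for el in row:
            lines.append(f'    <div class="col-{width}">{render_element(el)}</div>')
        lines.append("  </div>")
    lines.append("</div>")
    return "\n".join(lines)


# Constructed sample: a sketched sign-in form. Coordinates are made up, and
# two texts deliberately contain characters that must not reach the markup raw.
SAMPLE_ELEMENTS = [
    Element("heading", "Sign in",           x=40,  y=20,  w=320, h=60),
    Element("label",   "Email",             x=40,  y=120, w=100, h=40),
    Element("textbox", "name@example.com",  x=160, y=115, w=200, h=50),
    Element("label",   "Name & <Surname>",  x=40,  y=200, w=100, h=40),
    Element("textbox", 'Full "legal" name', x=160, y=195, w=200, h=50),
    Element("button",  "Continue",          x=160, y=280, w=120, h=50),
]

if __name__ == "__main__":
    print(generate_html(SAMPLE_ELEMENTS))
```

Running the block prints four grid rows: the heading alone, two label/textbox rows, and the button. The fourth label appears as `Name &amp; &lt;Surname&gt;` and the quoted placeholder as `Full &quot;legal&quot; name`, which is the point: recognised text goes through the same output encoding you would apply to any user-supplied string before it is embedded in HTML.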