The Linkielist

Linking ideas with the world

Smart alarms left 3 million cars vulnerable to hackers who could turn off motors, unlock doors remotely

Two popular smart alarm systems for cars had major security flaws that allowed potential hackers to track the vehicles, unlock their doors and, in some cases, cut off the engine. The vulnerabilities could be exploited with two simple steps, security researchers from Pen Test Partners, who discovered the flaw, said Friday. The problems were found Read more about Smart alarms left 3 million cars vulnerable to hackers who could turn off motors, unlock doors remotely[…]

Freelance devs: Oh, you wanted the app to be secure? The job spec didn’t mention that

Freelance developers hired to implement password-based security systems do so about as effectively as computer science students, which is to say not very well at all. Boffins at the University of Bonn in Germany set out to expand on research in 2017 and 2018 that found computer science students asked to implement a user registration Read more about Freelance devs: Oh, you wanted the app to be secure? The job spec didn’t mention that[…]

From hard drive to over-heard drive: Boffins convert spinning rust into eavesdropping mic, if you shout!

Eggheads at the University of Michigan in the US, and Zhejiang University in China, have found that hard disk drives (HDDs) can be turned into listening devices, using malicious firmware and signal processing calculations. For a study titled “Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone,” computer scientists Andrew Kwong, Wenyuan Xu, Read more about From hard drive to over-heard drive: Boffins convert spinning rust into eavesdropping mic, if you shout![…]

Iranian hackers ransack Citrix, make off with 6TB+ of emails, biz docs, internal secrets – they had to be told by the FBI that they were hacked at all

Citrix today warned its customers that foreign hackers romped through its internal company network and stole corporate secrets. The enterprise software giant – which services businesses, the American military, and various US government agencies – said it was told by the FBI on Wednesday that miscreants had accessed Citrix’s IT systems and exfiltrated a significant Read more about Iranian hackers ransack Citrix, make off with 6TB+ of emails, biz docs, internal secrets – they had to be told by the FBI that they were hacked at all[…]

Chelsea Manning jailed for refusing to testify on Wikileaks

Former Army intelligence analyst Chelsea Manning, who served years in prison for leaking one of the largest troves of classified documents in U.S. history, has been sent to jail for refusing to testify before a grand jury investigating Wikileaks. U.S. District Judge Claude Hilton ordered Manning to jail for contempt of court Friday after a Read more about Chelsea Manning jailed for refusing to testify on Wikileaks[…]

Researchers are training image-generating AI with fewer labels by letting the model infer the labels

Generative AI models have a propensity for learning complex data distributions, which is why they’re great at producing human-like speech and convincing images of burgers and faces. But training these models requires lots of labeled data, and depending on the task at hand, the necessary corpora are sometimes in short supply. The solution might lie in Read more about Researchers are training image-generating AI with fewer labels by letting the model infer the labels[…]

Google launches TensorFlow Lite 1.0 for mobile and embedded devices

Google today introduced TensorFlow Lite 1.0, its framework for developers deploying AI models on mobile and IoT devices. Improvements include selective registration and quantization during and after training for faster, smaller models. Quantization has led to 4 times compression of some models. “We are going to fully support it. We’re not going to break things Read more about Google launches TensorFlow Lite 1.0 for mobile and embedded devices[…]

Leaked Documents Show the U.S. Government Tracking Journalists and Immigration Advocates Through a Secret Database, having them detained at borders

One photojournalist said she was pulled into secondary inspections three times and asked questions about who she saw and photographed in Tijuana shelters. Another photojournalist said she spent 13 hours detained by Mexican authorities when she tried to cross the border into Mexico City. Eventually, she was denied entry into Mexico and sent back to Read more about Leaked Documents Show the U.S. Government Tracking Journalists and Immigration Advocates Through a Secret Database, having them detained at borders[…]

When 2FA means sweet FA privacy: Facebook admits it slurps mobe numbers for more than just profile security

This time, the Silicon Valley giant has been caught red-handed using people’s cellphone numbers, provided exclusively for two-factor authentication, for targeted advertising and search – after it previously insinuated it wouldn’t do that. Folks handing over their mobile numbers to protect their accounts from takeovers and hijackings thought the contact detail would be used for Read more about When 2FA means sweet FA privacy: Facebook admits it slurps mobe numbers for more than just profile security[…]

Welding glass to metal breakthrough could transform manufacturing

Scientists from Heriot-Watt University have welded glass and metal together using an ultrafast laser system, in a breakthrough for the manufacturing industry. Various optical materials such as quartz, borosilicate glass and even sapphire were all successfully welded to metals like aluminium, titanium and stainless steel using the Heriot-Watt laser system, which provides very short, picosecond Read more about Welding glass to metal breakthrough could transform manufacturing[…]

SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability

Further demonstrating the computational risks of looking into the future, boffins have found another way to abuse speculative execution in Intel CPUs to steal secrets and other data from running applications. This security shortcoming can be potentially exploited by malicious JavaScript within a web browser tab, or malware running on a system, or rogue logged-in Read more about SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability[…]

Apples’ Shazam for iOS Sheds 3rd Party SDKs. Keeps pumping your data through on Android.

Shazam, the song identification app Apple bought for $400M, recently released an update to its iOS app that got rid of all 3rd party SDKs the app was using except for one. The SDKs that were removed include ad networks, analytics trackers, and even open-source utilities. Why, you ask? Because all of those SDKs leak Read more about Apples’ Shazam for iOS Sheds 3rd Party SDKs. Keeps pumping your data through on Android.[…]

Facebook receives personal health data from apps, even if you don’t have a FB account

Facebook receives highly personal information from apps that track your health and help you find a new home, testing by The Wall Street Journal found. Facebook can receive this data from certain apps even if the user does not have a Facebook account, according to the Journal. Facebook has already been in hot water concerning Read more about Facebook receives personal health data from apps, even if you don’t have a FB account[…]

W3C approves WebAuthn as the web standard for password-free logins using FIDO2

The World Wide Web Consortium (W3C) today declared that the Web Authentication API (WebAuthn) is now an official web standard. First announced by the W3C and the FIDO Alliance in November 2015, WebAuthn is now an open standard for password-free logins on the web. It is supported by W3C contributors, including Airbnb, Alibaba, Apple, Google, Read more about W3C approves WebAuthn as the web standard for password-free logins using FIDO2[…]

Missing Out On Deep Sleep Causes Alzheimer’s Plaques to Build Up

Getting enough deep sleep might be the key to preventing dementia. In a series of recent experiments on mice, researchers discovered that deep sleep helps the brain clear out potentially toxic waste. The discovery reinforces how critical quality sleep is for brain health and suggests sleep therapies might curb the advance of memory-robbing ailments, like Alzheimer’s disease. Read more about Missing Out On Deep Sleep Causes Alzheimer’s Plaques to Build Up[…]

Massive Database Leak Gives Us a Window into China’s Digital Surveillance State

Earlier this month, security researcher Victor Gevers found and disclosed an exposed database live-tracking the locations of about 2.6 million residents of Xinjiang, China, offering a window into what a digital surveillance state looks like in the 21st century. Xinjiang is China’s largest province, and home to China’s Uighurs, a Turkic minority group. Here, the Read more about Massive Database Leak Gives Us a Window into China’s Digital Surveillance State[…]

Scientists turn CO2 ‘back into coal’ in breakthrough carbon capture experiment

The research team led by RMIT University in Melbourne, Australia, developed a new technique using a liquid metal electrolysis method which efficiently converts CO2 from a gas into solid particles of carbon. Published in the journal Nature Communications, the authors say their technology offers an alternative pathway for “safely and permanently” removing CO2 from the Read more about Scientists turn CO2 ‘back into coal’ in breakthrough carbon capture experiment[…]

Google’s DeepMind can predict wind energy income a day in advance

Wind power has become increasingly popular, but its success is limited by the fact that wind comes and goes as it pleases, making it hard for power grids to count on the renewable energy and less likely to fully embrace it. While we can’t control the wind, Google has an idea for the next best Read more about Google’s DeepMind can predict wind energy income a day in advance[…]

Studies Keep Showing That the Best Way to Stop Piracy Is to Offer Cheaper, Better Alternatives

Study after study continues to show that the best approach to tackling internet piracy is to provide these would-be customers with high quality, low cost alternatives. For decades the entertainment industry has waged a scorched-earth assault on internet pirates. Usually this involves either filing mass lawsuits against these users, or in some instances trying to Read more about Studies Keep Showing That the Best Way to Stop Piracy Is to Offer Cheaper, Better Alternatives[…]

Ready for another fright? Spectre flaws in today’s computer chips can be exploited to hide, run stealthy malware

Co-authored by three computer science boffins from the University of Colorado, Boulder in the US – Jack Wampler, Ian Martiny, and Eric Wustrow – the paper, “ExSpectre: Hiding Malware in Speculative Execution,” describes a way to compile malicious code into a seemingly innocuous payload binary, so it can be executed through speculative execution without detection. Read more about Ready for another fright? Spectre flaws in today’s computer chips can be exploited to hide, run stealthy malware[…]

Amazon Ring Doorbell allows people to eavesdrop with video and even insert footage

Plaintext transmission of audio/video footage to the Ring application allows for arbitrary surveillance and injection of counterfeit traffic, effectively compromising home security (CVE-2019-9483). […] We moved over to sniffing the application. Here we see a more sensible SIP/TLS approach, with pretty much all notifications, updates and information being passed via HTTPS. However, the actual RTP Read more about Amazon Ring Doorbell allows people to eavesdrop with video and even insert footage[…]

Stonehenge: Geologists have found exactly where some rocks came from

Five thousand years after people in the British Isles began building Stonehenge, scientists now know precisely where some of the massive rocks came from and how they were unearthed. A team of 12 geologists and archaeologists from across the United Kingdom unveiled research this month that traces some of the prehistoric monument’s smaller stones to Read more about Stonehenge: Geologists have found exactly where some rocks came from[…]

Incredible Experiment Gives Infrared Vision to Mice—and Humans Could Be Next

By injecting nanoparticles into the eyes of mice, scientists gave them the ability to see near-infrared light—a wavelength not normally visible to rodents (or people). It’s an extraordinary achievement, one made even more extraordinary with the realization that a similar technique could be used in humans. Of all the remarkable things done to mice over Read more about Incredible Experiment Gives Infrared Vision to Mice—and Humans Could Be Next[…]

How artificially brightened clouds could cool down the earth

Clouds, however, naturally reflect the sun (it’s why Venus – a planet with permanent cloud cover – shines so brightly in our night sky). Marine stratocumulus clouds are particularly important, covering around 20% of the Earth’s surface while reflecting 30% of total solar radiation. Stratocumulus clouds also cool the ocean surface directly below. Proposals to Read more about How artificially brightened clouds could cool down the earth[…]