Inside the Podcast that Hacks Ring Camera Owners Live on Air
In the NulledCast podcast
hackers livestream the harassment of Ring camera owners after accessing their devices. Hundreds of people can listen. From a report:
A blaring siren suddenly rips through the Ring camera, startling the Florida family inside their own home. "It's your boy Chance on Nulled," a voice says from the Ring camera, which a hacker has taken over. "How you doing? How you doing?" "Welcome to the NulledCast," the voice says. The NulledCast is a podcast livestreamed to Discord. It's a show in which hackers take over people's Ring and Nest smarthome cameras and use their speakers to talk to and harass their unsuspecting owners. In the example above, Chance blared noises and shouted racist comments at the Florida family. "Sit back and relax to over 45 minutes of entertainment," an advertisement for the podcast posted to a hacking forum called Nulled reads. "Join us as we go on completely random tangents such as; Ring & Nest Trolling, telling shelter owners we killed a kitten, Nulled drama, and more ridiculous topics. Be sure to join our Discord to watch the shows live."
Software to hack Ring cameras has recently become popular on the forum. The software churns through previously compromised email addresses and passwords to break into Ring cameras at scale. This has led to a recent spate of hacks that have occurred both during the podcast and at other times, several of which have been covered by local media outlets. In Brookhaven a hacker shouted at a sleeping woman through her hacked Ring camera to wake-up. In Texas, a hacker demanded a couple pay a bitcoin ransom. Hackers targeted a family in DeSoto County, Mississippi, and spoke through the device to one of the young children.
Google Adds Spam Detection and Verified Business SMS To Messages
Businesses often send one-time passwords, account alerts and appointment confirmations via text. But if you've ever received one of those, you know they tend to come from a random number, and bad actors can take advantage of that by disguising phishing scams as one of those messages. To protect users,
Google will soon verify SMS messages from registered businesses. From a report:
When you receive a message from a verified business, you'll see the company name, logo and a verification badge in the message thread. Businesses must sign up to use Verified SMS, and so far, 1-800-Flowers, Banco Bradesco, Kayak, Payback and SoFi are on-board. Verified SMS is rolling out gradually in the US, Brazil, Canada, France, India, Mexico, Philippines, Spain and the UK. Google is also adding real-time spam detection. When Google suspects a message is phishy or garbage, it will show a spam warning in Messages.
Rude Paper Reviews Are Pervasive and Sometimes Harmful, Study Finds
sciencehabit writes:
There's a running joke in academia about Reviewer 2. That's the reviewer that doesn't bother to read the manuscript a journal has sent out for evaluation for possible publication, offers condescending or outright offensive comments, and -- of course -- urges the irrelevant citation of their own work. Such unprofessional conduct is so pervasive there's even a whole Facebook group, more than 25,000 members strong, named "Reviewer 2 Must Be Stopped!" But it is no laughing matter, concludes a new study that finds boorish reviewer comments can have serious negative impacts, especially on authors belonging to marginalized groups.
The study surveyed 1106 scientists from 46 countries and 14 disciplines. More than half of the respondents -- who were promised anonymity -- reported receiving at least one "unprofessional" review, and a majority of those said they had received multiple problematic comments. Those comments tended to personally target a scientist, lack constructive criticism, or were just unnecessarily harsh or cruel, the authors report. For example, one author received a review that stated: "The phrases I have so far avoided using in this review are 'lipstick on a pig' and 'bullshit baffles brains.'" Another reported receiving this missive: "The author's last name sounds Spanish. I didn't read the manuscript because I'm sure it's full of bad English."
'Link in Bio' is a Slow Knife
Anil Dash:
We don't even notice it anymore -- "link in bio." It's a pithy phrase, usually found on Instagram, which directs an audience to be aware that a pertinent web link can be found on that user's profile. Its presence is so subtle, and so pervasive, that we barely even noticed it was an attempt to kill the web. Links on the web are incredibly powerful. There are decades of theory behind the role of hyperlinks in hypertext -- did you know in most early versions, links were originally designed to be two-way? You'd be able to see every page on the web that links to this one. But even in the very simple form that we've ended up with on the World Wide Web for the last 30 years, links are incredibly powerful, opening up valuable connections between unexpected things.
For a closed system, those kinds of open connections are deeply dangerous. If anyone on Instagram can just link to any old store on the web, how can Instagram -- meaning Facebook, Instagram's increasingly-overbearing owner -- tightly control commerce on its platform? If Instagram users could post links willy-nilly, they might even be able to connect directly to their users, getting their email addresses or finding other ways to communicate with them. Links represent a threat to closed systems. Here's the thing, though: people like links. So closed systems have to present a pressure release valve. Hashtags are a great way out. They use the semiotics of links (early versions of hashtags on social platforms were really barely more than automated links to a search for a particular term) but are also constrained by the platforms they live on. A hashtag is easier to gather into a database, to harvest, to monetize. It's much easier, sure, but it also doesn't have all the messiness of a real link. Instagram doesn't have to worry that clicking on its hashtags will accidentally lead people to Twitter, or vice versa.
Russian Police Raid NGINX Moscow Office
Russian police have
raided today the Moscow offices of NGINX, Inc., a subsidiary of F5 Networks and the company behind the internet's most popular web server technology. From a report:
Equipment was seized and employees were detained for questioning. Moscow police executed the raid after last week the Rambler Group filed a copyright violation against NGINX Inc., claiming full ownership of the NGINX web server code. The Rambler Group is the parent company of rambler.ru, one of Russia's biggest search engines and internet portals. According to copies of the search warrant posted on Twitter today, Rambler claims that Igor Sysoev developed NGINX while he was working as a system administrator for the company, hence they are the rightful owner of the project. Sysoev created NGINX in the early 2000s and open-sourced the NGINX code in 2004. In 2009, he founded NGINX, Inc., a US company, to provide adjacent tools and support services for NGINX deployments. The company is based in San Francisco, but has offices all over the world, including Moscow. The NGINX server's source code is still free and managed through an open-source model, although a large chunk of the project's primary contributors are NGINX, Inc. employees, who have a firm grip on the project's stewardship.
AI R&D is Booming, But General Intelligence is Still Out of Reach
The AI world is booming in a
range of metrics covering research, education, and technical achievements, according to
AI Index report -- an annual rundown of machine learning data points now in its third year. From a news writeup, which outlines some of the more interesting and pertinent points:
AI research is rocketing. Between 1998 and 2018, there's been a 300 percent increase in the publication of peer-reviewed papers on AI. Attendance at conferences has also surged; the biggest, NeurIPS, is expecting 13,500 attendees this year, up 800 percent from 2012.
AI education is equally popular. Enrollment in machine learning courses in universities and online continues to rise. Numbers are hard to summarize, but one good indicator is that AI is now the most popular specialization for computer science graduates in North America. Over 21 percent of CS PhDs choose to specialize in AI, which is more than double the second-most popular discipline: security / information assurance.
The US is still the global leader in AI by most metrics. Although China publishes more AI papers than any other nation, work produced in the US has a greater impact, with US authors cited 40 percent more than the global average. The US also puts the most money into private AI investment (a shade under $12 billion compared to China in second place globally with $6.8 billion) and files many more AI patents than any other country (with three times more than the number two nation, Japan).
AI algorithms are becoming faster and cheaper to train. Research means nothing unless it's accessible, so this data point is particularly welcome. The AI Index team noted that the time needed to train a machine vision algorithm on a popular dataset (ImageNet) fell from around three hours in October 2017 to just 88 seconds in July 2019. Costs also fell, from thousands of dollars to double-digit figures.
Self-driving cars received more private investment than any AI field. Just under 10 percent of global private investment went into autonomous vehicles, around $7.7 billion. That was followed by medical research and facial recognition (both attracting $4.7 billion), while the fastest-growing industrial AI fields were less flashy: robot process automation ($1 billion investment in 2018) and supply chain management (over $500 million).
Getting Drivers for Old Hardware Is Harder Than Ever
At least one major provider of hardware-level BIOS drivers is actively deleting old stuff it no longer supports, while old FTP sites where vintage drivers are often found are soon going to be harder to reach. Ernie Smith,
writing for Motherboard:
You've never lived until you've had to download a driver from an archived forum post on the Internet Archive's Wayback Machine. You have no idea if it's going to work, but it's your only option. So you bite the bullet. I recently did this with a PCI-based SATA card I was attempting to flash to support a PowerPC-based Mac, and while it was a bit of a leap of faith, it actually ended up working. Score one for chance. But this, increasingly, feels like it may be a way of life for people trying to keep old hardware alive -- despite the fact that all the drivers generally have to do is simply sit on the internet, available when they're necessary.
Apparently, that isn't easy enough for Intel. Recently, the chipmaker took BIOS drivers, a boot-level firmware technology used for hardware initialization in earlier generations of PCs, for a number of its unsupported motherboards off its website, citing the fact that the programs have reached an "End of Life" status. While it reflects the fact that Unified Extensible Firmware Interface (UEFI), a later generation of firmware technology used in PCs and Macs, is expected to ultimately replace BIOS entirely, it also leaves lots of users with old gadgets out in a lurch. And as Bleeping Computer has noted, it appears to be part of a broader trend to prevent downloads for unsupported hardware on the Intel website -- things that have long lived past their current lives. After all, if something goes wrong, Intel can be sure it's not liable if a 15-year-old BIOS update borks a system.
Google Assistant Can Now Interpret 44 Languages on Smartphones
Kyle Wiggers,
writing for VentureBeat:
In January during the 2019 Consumer Electronics Show in Las Vegas, Google debuted interpreter mode, a real-time translation feature for Google Home speakers and third-party smart displays like those from JBL, Sony, LG, and Lenovo. The tech giant said at the time that interpreter mode would eventually come to mobile devices, but it didn't set a date. The date is today, as it turns out. As of this morning, Google Assistant on both Android and iOS smartphones supports interpreter mode, enabling you to ask for directions, order food, or simply chat in a foreign language. The number of recognized languages has increased from 27 to 44, and interpreter mode now lets you optionally type using a keyboard or manually select the language in which you'd like to speak. Saying a command like "Hey Google, be my German translator" or "Hey Google, help me speak Thai" kicks off interpreter mode. You'll see and hear the translated conversation on your phone, and after each translation, Google Assistant might present suggestions (like "Nien" or "Ju tut et") that let you quickly respond.
Iran Banks Burned, Then Customer Accounts Were Exposed Online
The details of millions of Iranian bank cards were published online after antigovernment protests last month.
Experts suspect a state-sponsored cyberattack. From a report:
After demonstrators in Iran set fire to hundreds of bank branches last month in antigovernment protests, the authorities dealt with another less visible banking threat that is only now coming to fuller light: a security breach that exposed the information of millions of Iranian customer accounts. As of Tuesday, details of 15 million bank debit cards in Iran had been published on social media in the aftermath of the protests, unnerving customers and forcing the government to acknowledge a problem. The exposure represented the most serious banking security breach in Iran, according to Iranian media and a law firm representing some of the victims.
The breach, which targeted customers of Iran's three largest banks, was likely to further rattle an economy already reeling from the effects of American sanctions and came as Iran's leadership was grappling with deep-seated anger over its deadly crackdown on the protests. The number of affected accounts represents close to a fifth of the country's population. "This is the largest financial scam in Iran's history," reported Aftab News, a conservative media outlet. "Millions of Iranians are worried to find their names among the list of hacked accounts."
Two of China's Largest Tech Firms Are Uniting To Create a New 'Domestic OS'
The two biggest OS (operating system) makers in China announced plans last week to unite and jointly
build a new "domestic operating system." From a report:
The two companies are China Standard Software (CS2C) and Tianjin Kylin Information (TKC), two of China's largest software firms, with known ties to the Beijing government. Both companies are known on the local Chinese OS market. CS2C created "China's Windows XP clone," known as the NeoKylin OS, and TKC is the current steward of Kylin, China's first-ever homegrown operating system. CS2C and TKC plan to set up a new company in which they'll become investors, and through which the new joint OS will be developed. The new company will handle the new operating system's development, technological decisions, marketing, branding, financials, and sales. The current Kylin and NeoKylin operating systems will serve as a base for the new OS, the two said.
Larry Page Is Quietly Funding Efforts To Develop a Universal Flu Vaccine
An anonymous reader quotes a report from The Verge:
Google co-founder Larry Page is funneling money from his charitable foundation to a private flu-fighting initiative run as a for-profit company, TechCrunch reported. The program offers free flu shots to children in Oakland, California-area schools. Page also has a second company funding efforts to create a universal flu vaccine, according to the report. The free flu shots are offered through a group called Shoo The Flu, which started funding flu shots for both elementary and kindergarten through eighth grade schools in 2014. Shoo the Flu reimburses the Alameda County Public Health Department and school districts for the cost of the program.
The second company, Flu Lab, provides funding for the Bill & Melinda Gates Foundation's Grand Challenge for Universal Influenza Vaccine Development. Page and his family were initially contributing funding to the challenge directly, but they were replaced by Flu Lab. Flu Lab also supports the nonprofit Sabin Vaccine Institute, which works to expand vaccine access. The funding established the Sabin-Aspen Vaccine Science & Policy Group, which met in 2018 to discuss efforts to develop a universal flu vaccine. Shoo the Flu's director is also the CEO of Flu Lab, and TechCrunch reported that Shoo the Flu will soon move under the umbrella of Flu Lab. The report notes that both Shoo the Flu and Flu Lab are private, for-profit companies and therefore not required to file public tax returns.
"However, the funding for Shoo the Flu comes from Page's charitable foundation, the Carl Victor Page Memorial Foundation, which does have to file public returns," reports The Verge. "That makes the money flowing into the company public; Page's foundation gave Shoo the Flu over $4.1 million between 2015 and 2017, TechCrunch reported. What the organization did with that money is not as readily available."
Verizon Lays Off More Yahoo/AOL Employees
Verizon is
laying off 150 U.S. staffers this week across multiple teams in the organization. CNN reports:
Verizon Media employs around 10,500 people [across media brands that include Yahoo, AOL, TechCrunch and HuffPost], so these cuts will amount to 1.4% of its work force. It's unclear which brands will be affected. In January, Verizon Media laid off roughly 800 employees, or about 7% of its staff at the time, as the division's revenues failed to meet expectations.
A spokesperson for Verizon Media confirmed the layoffs to CNN Business. "Our goal is to create the best experiences for our consumers and the best platforms for our customers. Today we are investing in premium content, connections and commerce experiences that connect people to their passions and continue to align our resources to opportunities where we feel we can differentiate ourselves and scale faster," the spokesperson said in a statement.
'Monster' Black Hole Announced Last Week Is Nothing Special
The Bad Astronomer writes:
Last week, scientists announced the discovery of a stellar-mass black hole with 70 times the Sun's mass, far heftier than theory predicts they can get. Within days, though, four separate papers have come out casting extreme doubt on the claim. They show that the data wasn't processed correctly, and that the black hole is closer to Earth than first assumed, which changes the calculations and makes it a more normal 5 - 20 solar mass object.
Low-Risk Ultrasound Procedure Destroys 80 Percent of Prostate Cancers In One-Year Study
An anonymous reader quotes a report from SlashGear:
A new treatment shows promise for revolutionizing prostate cancer treatment, offering a minimally-invasive and relatively low-risk alternative to traditional surgeries and radiotherapies. Called TULSA, this method uses sound waves to eliminate the diseased tissue in the prostate, leaving the rest of the healthy tissues behind. According to the researchers, patients treated with this method experience "minimal side effects." The transurethral ultrasound ablation (TULSA) method uses an MRI to guide the procedure, which involves inserting a rod through the urethra into the prostate, where it uses heat via sound waves to destroy the cancerous tissues. Unlike the surgery typically used to treat this condition, TULSA is minimally invasive and can be performed as an outpatient procedure.
Using guided and controlled sound waves, doctors are able to preserve the nerves near the prostate while eliminating the diseased tissues using a total of 10 elements located on the insertable rod. A software algorithm is part of the system -- it controls the strength, direction, and shape of the ultrasound beam, though doctors watch carefully using the MRI in real-time. A new study involving 115 men found that the average treatment time for this procedure is a bit less than an hour. The researchers found that 80-percent of patients experienced elimination of "clinically significant" cancer and that 72 of the men had no signs of cancer after the first year. As well, incontinence was a very rare side effect of the procedure, which also had low instances of impotence.
The World's First Village of Affordable 3D-Printed Homes Is Now Complete
MikeChino shares a report from Dwell:
In Tabasco, Mexico, a family living below the poverty line recently visited their future home: a 3D-printed, 500-square foot structure with two bedrooms, one bath, a wraparound cement patio, and an awning over the front porch. It's one of two fully furnished homes -- printed in about 24 hours and finished by local nonprofit ECHALE -- that will soon make up a larger community of 50 dwellings with green spaces, parks, amenities, and basic utilities. Tabasco is a seismic zone, so the homes were engineered beyond standard safety requirements -- and they'll endure for generations. "Icon's printer, called the Vulcan II, isn't the first designed to build an entire house,"
notes Fast Company. "But the new Mexican neighborhood, which will have 50 of the homes, will be the first community to use this type of technology at scale."
New Story, the nonprofit leading the project, has
posted a video about the homes on their YouTube channel.
Re:Hacking
We can debate whether the dude deserves the term "hacker"; but I'd guess it's close to unanimous that he deserves the term "asshole".