Hackers Could Blow Up Factories Using Smartphone Apps
An anonymous reader quotes a report from MIT Technology Review:
Two security researchers, Alexander Bolshev of IOActive and Ivan Yushkevich of Embedi, spent last year examining 34 apps from companies including Siemens and Schneider Electric. They found a total of 147 security holes in the apps, which were chosen at random from the Google Play Store. Bolshev declined to say which companies were the worst offenders or reveal the flaws in specific apps, but he said only two of the 34 had none at all. Some of the vulnerabilities the researchers discovered would allow hackers to interfere with data flowing between an app and the machine or process it's linked to. So an engineer could be tricked into thinking that, say, a machine is running at a safe temperature when in fact it's overheating. Another flaw would let attackers insert malicious code on a mobile device so that it issues rogue commands to servers controlling many machines. It's not hard to imagine this causing mayhem on an assembly line or explosions in an oil refinery. The researchers say they haven't looked at whether any of the flaws has actually been exploited. Before publishing their findings, they contacted the companies whose apps had flaws in them. Some have already fixed the holes; many have yet to respond.
FCC Undoing Rules That Make It Easier For Small ISPs To Compete With Big Telecom
An anonymous reader quotes a report from Motherboard:
The Federal Communications Commission is currently considering a rule change that would alter how it doles out licenses for wireless spectrum. These changes would make it easier and more affordable for Big Telecom to scoop up licenses, while making it almost impossible for small, local wireless ISPs to compete. The Citizens Broadband Radio Service (CBRS) spectrum is the rather earnest name for a chunk of spectrum that the federal government licenses out to businesses. It covers 3550-3700 MHz, which is considered a "midband" spectrum. It can get complicated, but it helps to think of it how radio channels work: There are specific channels that can be used to broadcast, and companies buy the license to broadcast over that particular channel. The FCC will be auctioning off licenses for the CBRS, and many local wireless ISPs -- internet service providers that use wireless signal, rather than cables, to connect customers to the internet -- have been hoping to buy licenses to make it easier to reach their most remote customers.
The CBRS spectrum was designed for Navy radar, and when it was opened up for auction, the traditional model favored Big Telecom cell phone service providers. That's because the spectrum would be auctioned off in pieces that were too big for smaller companies to afford -- and covered more area than they needed to serve their customers. But in 2015, under the Obama administration, the FCC changed the rules for how the CBRS spectrum would be divvied up, allowing companies to bid on the spectrum for a much smaller area of land. Just as these changes were being finalized this past fall, Trump's FCC proposed going back to the old method. This would work out well for Big Telecom, which would want larger swaths of coverage anyway, and would have the added bonus of being able to price out smaller competitors (because the larger areas of coverage will inherently cost more.) As for why the FCC is even considering this? You can blame T-Mobile. "According to the agency's proposal, because T-Mobile and CTIA, a trade group that represents all major cellphone providers, 'ask[ed] the Commission to reexamine several of the [...] licensing rules,'" reports Motherboard. The proposal reads: "Licensing on a census tract-basis -- which could result in over 500,000 [licenses] -- will be challenging for Administrators, the Commission, and licensees to manage, and will create unnecessary interference risks due to the large number of border areas that will need to be managed and maintained."
Scientists Change Our Understanding of How Anaesthesia Messes With the Brain
schwit1 shares a report from ScienceAlert:
It's crazy to think that we still don't quite understand the mechanism behind one of the most common medical interventions -- general anaesthetic. But researchers in Australia just got a step closer by discovering that one of the most commonly used anesthetic drugs doesn't just put us to sleep; it also disrupts communication between brain cells. The team investigated the drug propofol, a super-popular option for surgeries worldwide. A potent sedative, the drug is thought to put us to sleep through its effect on the GABA neurotransmitter system, the main regulator of our sleep-and-wake cycles in the brain. But anyone who's been "put under" will know that waking up from a general anesthetic feels rather different from your usual morning grogginess. On top of that, some people can experience serious side-effects, so scientists have been trying to figure out what else the drugs might be doing in the brain.
Using live neuron cell samples from rats and fruit flies, the researchers were able to track neurotransmitter activity thanks to a super-resolution microscope, and discovered that propofol messes with a key protein that nerve cells use to communicate with each other. This protein, called syntaxin1A, isn't just found in animal models - people have it, too. And it looks like the anesthetic drug puts the brakes on this protein, making otherwise normal brain cell connections sluggish, at least for a while. The researchers think this disruption could be key to how propofol allows for pain-free surgery to take place - first it knocks us out as a normal sleeping pill would, and then takes things up a notch by disrupting brain connectivity. The research has been
published in Cell Reports.
South Korea Plans To Ban Cryptocurrency Trading
South Korea's government said on Thursday it
plans to ban cryptocurrency trading, sending bitcoin prices plummeting and throwing the virtual coin market into turmoil as the nation's police and tax authorities raided local exchanges on alleged tax evasion. Reuters reports:
The clampdown in South Korea, a crucial source of global demand for cryptocurrency, came as policymakers around the world struggled to regulate an asset whose value has skyrocketed over the last year. Justice minister Park Sang-ki said the government was preparing a bill to ban trading of the virtual currency on domestic exchanges. Once a bill is drafted, legislation for an outright ban of virtual coin trading will require a majority vote of the total 297 members of the National Assembly, a process that could take months or even years. The local price of bitcoin plunged as much as 21 percent in midday trade to 18.3 million won (12,730.35 pounds) after the minister's comments. It still trades at around a 30 percent premium compared to other countries.
TiVo Sues Comcast Again, Alleging Operator's X1 Infringes Eight Patents
TiVo's Rovi subsidiary on Wednesday filed two lawsuits in federal district courts,
alleging Comcast's X1 platform infringes eight TiVo-owned patents. "That includes technology covering pausing and resuming shows on different devices; restarting live programming in progress; certain advanced DVR recording features; and advanced search and voice functionality," reports Variety. From the report:
A Comcast spokeswoman said the company will "aggressively defend" itself. "Comcast engineers independently created our X1 products and services, and through its litigation campaign against Comcast, Rovi seeks to charge Comcast and its customers for technology Rovi didn't create," the Comcast rep said in a statement. "Rovi's attempt to extract these unfounded payments for its aging and increasingly obsolete patent portfolio has failed to date."
TiVo's legal action comes after entertainment-tech vendor Rovi (which acquired the DVR company in 2016 and adopted the TiVo name) sued Comcast and its set-top suppliers in April 2016, alleging infringement of 14 patents. In November 2017, the U.S. International Trade Commission ruled that Comcast infringed two Rovi patents -- with the cable operator prevailing on most of the patents at issue. However, because one of the TiVo patents Comcast was found to have violated covered cloud-based DVR functions, the cable operator disabled that feature for X1 customers. Comcast is appealing the ITC ruling.
Circuit City Is Coming Back
a tease of a CES announcement, current Circuit City CEO Ronny Shmoel confirmed on Monday that something called Circuit City
will arrive as "a new, more personalized online shopping experience" starting February 15. The announcement even included
promises of AI-driven recommendations fueled by IBM's Watson platform, plus unexplained "augmented reality" and "search by photo" features. Ars Technica reports:
Curiously, Shmoel also promised "real-time tech support via video chat," but it's unclear whether this feature will include two-way video feeds -- and, thus, whether Circuit City is prepared for a deluge of Chatroulette-caliber video surprises from trolls. This online Circuit City rebirth may very well actually come to exist, as Shmoel claims that the company has put together a fully fledged inventory and distribution system, with a mix of known electronics brand names and "tier-two and tier-three" names (Shamsung? Panafauxnoic?). The same cannot be said for its CES tease of eventual brick-and-mortar showrooms in the neighborhood of 8,000-10,000 square feet, however. Shmoel already backtracked on similar showroom promises in 2016, and his CES pronouncement of future shops included no hard confirmations of locations or dates. But for anybody who dares to dream, Circuit City's showroom design partner, Taylored Group, released a concept render of its store vision which looks like a Radio Shack as if rendered in a Taiwanese hot-take news video.
Apple Health Data Is Being Used As Evidence In a Rape and Murder Investigation
An anonymous reader quotes a report from Motherboard:
Hussein K., an Afghan refugee in Freiburg, has been on trial since September for allegedly raping and murdering a student in Freiburg, and disposing of her body in a river. But many of the details of the trial have been hazy -- no one can agree on his real age, and most notably, there's a mysterious chunk of time missing from the geodata and surveillance video analysis of his whereabouts at the time of the crime. He refused to give authorities the passcode to his iPhone, but investigators hired a Munich company (which one is not publicly known) to gain access to his device, according to German news outlet Welt. They searched through Apple's Health app, which was added to all iPhones with the release of iOS 8 in 2014, and were able to gain more data about what he was doing that day. The app records how many steps he took and what kind of activity he was doing throughout that day. The app recorded a portion of his activity as "climbing stairs," which authorities were able to correlate with the time he would have dragged his victim down the river embankment, and then climbed back up. Freiburg police sent an investigator to the scene to replicate his movements, and sure enough, his Health app activity correlated with what was recorded on the defendant's phone.
Dropbox Files Confidentially For IPO
Dropbox, the file-sharing private company valued at $10 billion, has
filed confidentially for a U.S. initial public offering. From the report:
Goldman Sachs Group Inc. and JPMorgan Chase & Co. will lead the potential listing, according to the people, who asked not to be identified because the filing wasn't public. Dropbox is talking to other banks this month to fill additional roles on the IPO, the people said. The company is aiming to list in the first half of this year, one of the people said. Dropbox could be one of the biggest U.S. enterprise technology companies to list domestically in recent years.
Dropbox is likely to tout its biggest investment in recent years: its own cloud. It's spent hundreds of millions of dollars to build data centers and mostly wean itself off of Amazon.com Inc.'s servers, a rare feat for a software business with hundreds of millions of users. That's made it easier for Dropbox to cut costs while speeding file transfers, Chief Operating Officer Dennis Woodside said in an interview last year.
Pandora CEO Roger Lynch Wants To Create the Podcast Genome Project
Janko Roettgers, reporting for Variety:
Pandora's new CEO Roger Lynch has big plans for podcasts: Lynch told Variety on the sidelines of CES in Las Vegas Thursday that he wants to create "the equivalent of the podcast genome project" as the company plans to add many more podcasts to its catalog. Lynch, who joined Pandora as president and CEO in September, said that the company is working on a deep integration of podcasts that will allow users of the service to easily browse and discover new shows. Describing these efforts as a kind of podcast genome project is a nod to Pandora's Music Genome Project -- a massive database of dozens of musical attributes for every single song in the company's music library that is being used to compile stations and aid discovery. Pandora is also looking to offer podcasters monetization options that will be superior to the current state of podcast advertising. Currently, many podcasters still rely on ads that they read themselves on air, Lynch said. "It is not the most effective advertising model."
When It Comes to Gorillas, Google Photos Remains Blind
Tom Simonite, writing for Wired:
In 2015, a black software developer embarrassed Google by tweeting that the company's Photos service had labeled photos of him with a black friend as "gorillas." Google declared itself "appalled and genuinely sorry." An engineer who became the public face of the clean-up operation said the label gorilla would no longer be applied to groups of images, and that Google was "working on longer-term fixes." More than two years later, one of those fixes is erasing gorillas, and some other primates, from the service's lexicon. The awkward workaround illustrates the difficulties Google and other tech companies face in advancing image-recognition technology, which the companies hope to use in self-driving cars, personal assistants, and other products. WIRED tested Google Photos using a collection of 40,000 images well-stocked with animals. It performed impressively at finding many creatures, including pandas and poodles. But the service reported "no results" for the search terms "gorilla," "chimp," "chimpanzee," and "monkey."
Microsoft Partners with Signal to Bring End-To-End Encryption to Skype
Microsoft and Open Whisper Systems (makers of the Signal app) surprised many on Thursday when they said they are partnering to bring support for end-to-end (E2E) encrypted conversations to Skype. From a report:
The new feature, called Skype Private Conversations has been rolled out for initial tests with Skype Insider builds. Private Conversations will encrypt Skype audio calls and text messages. Images, audio or video files sent via Skype's text messaging feature will also be encrypted. Microsoft will be using the Signal open-source protocol to encrypt these communications. This is the same end-to-end encryption protocol used by Facebook for WhatsApp and Facebook Messenger, and by Google for the Allo app.
Chinese Workers Abandon Silicon Valley for Riches Back Home
From a report on Bloomberg:
U.S.-trained Chinese-born talent is becoming a key force in driving Chinese companies' global expansion and the country's efforts to dominate next-generation technologies like artificial intelligence and machine learning. Where college graduates once coveted a prestigious overseas job and foreign citizenship, many today gravitate toward career opportunities at home, where venture capital is now plentiful and the government dangles financial incentives for cutting-edge research. "More and more talent is moving over because China is really getting momentum in the innovation area," said Ken Qi, a headhunter for Spencer Stuart and leader of its technology practice. "This is only the beginning."
Chinese have worked or studied abroad and then returned home long enough that there's a term for them -- "sea turtles." But while a job at a U.S. tech giant once conferred near-unparalleled status, homegrown companies -- from giants like Tencent to up-and-comers like news giant Toutiao -- are now often just as prestigious. Baidu Inc. -- a search giant little-known outside of China -- convinced ex-Microsoft standout Qi Lu to helm its efforts in AI, making him one of the highest-profile returnees of recent years.
Subscriptions With Automated Recurring Billing Come To Windows 10
An anonymous reader shares a report:
In yet another bid to woo developers to the platform, Microsoft is introducing subscription add-ons for Windows 10 Anniversary Edition, and later. Available to all UWP developers, the add-on subscriptions with automated recurring billing will allow creators to sell digital products directly in their apps. Subscription periods available include 1 month, 3 months, 6 months, 1 year or 2 years, and it's possible for developers to offer a free trial period too.
Intel Says Chip-Security Fixes Leave PCs No More Than 10% Slower
Intel trying to defuse concern that fixes to widespread chip security vulnerabilities will slow computers, released test results late Wednesday showing that personal computers
won't be affected much and promised more information on servers. From a report:
The chipmaker published a table of data showing that older processors handled typical tasks 10 percent slower at most, after being updated with security patches. The information covered three generations of processors, going back to 2015, running Microsoft's Windows 10 and Windows 7 computer operating systems. Further reporting:
Intel, Microsoft offer differing views on impact of chip flaw
House Passes Bill To Renew NSA Internet Spying Tool
Dustin Volz, reporting for Reuters:
The U.S. House of Representatives on Thursday passed a bill to renew the National Security Agency's warrantless internet surveillance program, overcoming objections from privacy advocates and confusion prompted by morning tweets from President Donald Trump that initially questioned the spying tool. The legislation, which passed 256-164 and split party lines, is the culmination of a yearslong debate in Congress on the proper scope of U.S. intelligence collection -- one fueled by the 2013 disclosures of classified surveillance secrets by former NSA contractor Edward Snowden. Senior Democrats in the U.S. House of Representatives had urged cancellation of the vote after Trump appeared to cast doubt on the merits of the program, but Republicans forged ahead.
Uber Used Another Secret Software To Evade Police, Report Says
schwit1 shares a Bloomberg report:
In May 2015 about 10 investigators for the Quebec tax authority burst into Uber Technologies's office in Montreal. The authorities believed Uber had violated tax laws and had a warrant to collect evidence. Managers on-site knew what to do, say people with knowledge of the event. Like managers at Uber's hundreds of offices abroad, they'd been trained to page a number that alerted specially trained staff at company headquarters in San Francisco. When the call came in, staffers quickly remotely logged off every computer in the Montreal office, making it practically impossible for the authorities to retrieve the company records they'd obtained a warrant to collect. The investigators left without any evidence.
Most tech companies don't expect police to regularly raid their offices, but Uber isn't most companies. The ride-hailing startup's reputation for flouting local labor laws and taxi rules has made it a favorite target for law enforcement agencies around the world. That's where this remote system, called Ripley, comes in. From spring 2015 until late 2016, Uber routinely used Ripley to thwart police raids in foreign countries, say three people with knowledge of the system. Allusions to its nature can be found in a smattering of court filings, but its details, scope, and origin haven't been previously reported. The Uber HQ team overseeing Ripley could remotely change passwords and otherwise lock up data on company-owned smartphones, laptops, and desktops as well as shut down the devices. This routine was initially called the unexpected visitor protocol. Employees aware of its existence eventually took to calling it Ripley, after Sigourney Weaver's flamethrower-wielding hero in the Alien movies. The nickname was inspired by a Ripley line in Aliens, after the acid-blooded extraterrestrials easily best a squad of ground troops. 'Nuke the entire site from orbit. It's the only way to be sure.'
Top US Government Computers Linked to Revenge-Porn Site
Joseph Cox, reporting for The Daily Beast:
Data obtained by a security analyst and shared with The Daily Beast reveals the behind-the-scenes of the epicenter of revenge porn: a notorious image board called Anon-IB, where users constantly upload non-consensual imagery, comment on it, and trade nudes like baseball cards. The data shows Anon-IB users connecting from U.S. Senate, Navy, and other government computers, including the Executive Office of the President, even as senators push for a bill that would further combat the practice, and after the military's own recent revenge-porn crisis. "Wow tig ol bitties. You have any nudes to share?" someone wrote in November, underneath a photo of a woman who apparently works in D.C., while connecting from an IP address registered to the U.S. Senate.
Anon-IB is a free-to-use message board where users post images, typically of women, and which is split into various genre or location sections. Some parts are focused on countries, while U.S. sections may narrow down to a state. Many users pursue so-called wins, which are nude or explicit photos, and may egg each other on to share more images. Anon-IB was also intertwined with a 2014 breach of celebrity nudes referred to as The Fappening. "Looking for wins of [redacted]. She used to send nudes to my friend all of the time. Would love to see some more," someone connecting from the U.S. Senate IP address wrote last August.
The Invented Language That Found a Second Life Online
More than 100 years after it was invented, Esperanto is spoken by relatively few people.
But the internet has brought new life to this intriguing, invented language. From a report:
Since it [Esperanto] was first proposed in a small booklet written by Ludwik L Zamenhof in 1887, it has evolved into the quintessential invented language, the liveliest and most popular ever created. But, many would tell you, Esperanto is a failure. More than a century after it was created, its current speaker base is just some two million people -- a geeky niche, not unlike the fan base of any other obscure hobby.
[...] Learning Esperanto used to be a solitary quest. You could practise it by sitting for weeks with a book and a dictionary, figuring out the rules and memorising the words. But there was usually no professor to correct your mistakes or polish your pronunciation. That's how Anna Lowenstein taught herself Esperanto in her teenage years, after becoming frustrated with the oddities of the French she was learning in school. In the last page of her textbook, there was an address for the British Esperanto Association. She sent a letter, and some time later was invited to a meeting of young speakers in St Albans.
The global community that Lowenstein was joining was put together via snail mail, paper magazines and yearly meetings. [...] Newer generations are not as patient, and they don't have to be. Unlike most of their elders, who rarely had the chance to speak Esperanto, today's speakers can use the language every day online. Even old computer communication services like Usenet had Esperanto-speaking hubs, and a lot of pages and chat rooms sprouted in the early days of the Web. Today, the younger segment of the Esperantio is keen on using social media: they gather around several groups in Facebook and Telegram, a chat service.
More Colleges Than Ever Have Test-Optional Admissions Policies
Back in the 1980s, Bates College and Bowdoin College were nearly the only liberal arts colleges not to require applicants to submit SAT or ACT test scores. On Jan. 10, FairTest, a Boston-based organization that has been pushing back against America's testing regime since 1985,
announced that the
number of colleges that are test-optional has now surpassed 1,000. From a report:
This milestone means that more than one-third of America's four-year nonprofit colleges now reject the idea that a test score should strongly determine a student's future. The ranks of test-optional institutions include hundreds of prestigious private institutions, such as George Washington, New York University, Wesleyan University and Wake Forest University. The list also includes hundreds of public universities, such as George Mason, San Francisco State and Old Dominion.
Bitcoin Conference Stops Accepting BTC Due To High Fees
An anonymous reader shares a report:
Next week the popular cryptocurrency event, The North American Bitcoin Conference (TNABC) will be hosted in downtown Miami at the James L Knight Center, January 18-19. However, bitcoin proponents got some unfortunate news this week as the event organizers have announced they have stopped accepting bitcoin payments for conference tickets due to network fees and congestion. Bitcoin settlement times, and the fee market associated with transactions, have become a hot topic these days as on-chain fees have risen to $30-60 per transaction. These issues have made it extremely difficult for businesses to operate, and many merchants have stopped accepting bitcoin for services and goods altogether.
FBI Calls Apple 'Jerks' and 'Evil Geniuses' For Making iPhone Cracks Difficult
troublemaker_23 shares a report from iTWire:
A forensics expert from the FBI has lashed out at Apple, calling the company's security team a bunch of "jerks" and "evil geniuses" for making it more difficult to circumvent the encryption on its devices. Stephen Flatley told the International Conference on Cyber Security in New York on Wednesday that one example of the way that Apple had made it harder for him and his colleagues to break into the iPhone was by recently making the password guesses slower, with a change in hash iterations from 10,000 to 10,000,000. A report on the Motherboard website said Flatley explained that this change meant that the speed at which one could brute-force passwords went from 45 attempts a second to one every 18 seconds. "Your crack time just went from two days to two months," he was quoted as saying. "At what point is it just trying to one up things and at what point is it to thwart law enforcement? Apple is pretty good at evil genius stuff," Flatley added.
New Ingestible Pill Can Track Your Farts In Real Time
A group of Australian researchers have
developed an ingestible electronic capsule to monitor gas levels in the human gut. "When it's paired with a pocket-sized receiver and a mobile phone app, the pill reports tail-wind conditions in real time as it passes from the stomach to the colon," reports Ars Technica. The invention has been
reported in the journal Nature Electronics. From the report:
The authors are optimistic that the capsule's gas readings can help clear the air over the inner workings of our intricate innards and the multitudes of microbes they contain. Such fume data could clarify the conditions of each section of the gut, what microbes are up to, and which foods may cause problems in the system. Until now, collecting such data has been a challenge. The capsule is 26mm in length, with a 9.8mm external diameter -- like a large vitamin. Its polymer shell surrounds sensors for temperature, CO2, H2, and O2, as well as a button-size silver oxide battery and a transmission system. One end of the capsule contains a gas-permeable membrane that allows for fast diffusion of gut gases.
Senior Citizens Will Lead the Self-Driving Revolution
The Villages in Florida -- home to 125,000 residents, over 54,000 homes, 32 square miles, 750 miles of road, and three distinct downtowns --
will soon get a fleet of robot taxis. "Voyage, a startup that has been operating a handful of self-driving cars in the San Jose, California-based retirement community also called The Villages,
announced today that later this year it will expand to the much-larger Villages north of Orlando," reports The Verge. "This is thanks to a successful Series A fundraising round that raked in $20 million in 2017." From the report:
It's an indication that, strangely enough, many of the first people to fully experience the possibilities presented by self-driving cars will be over the age of 55. Most experts agree that robot cars will first roll out as fleets of self-driving taxis in controlled environments -- college campuses, business parks, dedicated freeway lanes, city centers, or retirement communities. Self-driving startups get to boast about providing a real service for people in need, while seniors get to lord over their grandchildren about being early adopters of a bold new technology. They're also getting something a little more valuable: Voyage is giving the owners of The Villages and the smaller San Jose development equity stakes of 0.3% and 0.2%, respectively, according to The Information. Voyage's self-driving cars aren't fully driverless. Safety drivers will remain behind the wheel just in case there's a need to intervene. And to compliment its digital mapping capabilities, the startup says it will partner with Carmera, a 3D mapmaker for autonomous vehicles. This type of partnership is necessary for what Voyage believes is "the largest deployment (by area size) of self-driving cars in the world."