Orlando Police End Test of Amazon's Real-Time Facial 'Rekognition' System
An anonymous reader quotes a report from NPR:
The city of Orlando, Fla., says it has ended a pilot program in which its police force used Amazon's real-time facial recognition -- a system called "Rekognition" that had triggered complaints from rights and privacy groups when its use was revealed earlier this year. Orlando's deal to open part of its camera systems to Amazon was reported by NPR's Martin Kaste in May, after the ACLU noticed that an Amazon Rekognition executive mentioned the city as a customer.
On Monday, the ACLU of Florida wrote a letter to Mayor Buddy Dyer and the Orlando City Council, demanding that the city "immediately" shut down "any face surveillance deployment or use by city agencies and departments." On the same day, Orlando city and police officials issued a joint statement saying that the test of how its officers might use the Rekognition technology ended last week. The city added, "Staff continues to discuss and evaluate whether to recommend continuation of the pilot at a further date," adding that "the contract with Amazon remains expired." Orlando police say the test was limited to only a fraction of the city's cameras, and that the system was tested by tracking its own officers. The Rekognition deal with Orlando caused a stir after Ranju Das, the head of the Rekognition unit,
said in early May: "City of Orlando is a launch partner of ours. It's a smart city; they have cameras all over the city. The authorized cameras are then streaming the data [...] we are a subscriber to the stream, we analyze the video in real time, search against the collection of faces that they have."
Scammers Abuse Multilingual Domain Names
Cyber-criminals are abusing multilingual character sets to trick people into visiting phishing websites. BBC:
The non-English characters allow scammers to create "lookalike" sites with domain names almost indistinguishable from legitimate ones. Farsight Security found scam sites posing as banks, loan advisers and children's brands Lego and Haribo. Smartphone users are at greater risk as small screens make lookalikes even harder to spot. The Farsight Security report looked at more than 100 million domain names that use non-English character sets -- introduced to make the net more familiar and usable for non-English speaking nations -- and found about 27% of them had been created by scammers. It also uncovered more than 8,000 separate characters that could be abused to confuse people.
Farsight founder Paul Vixie, who wrote much of the software underpinning the net's domain names told the BBC: "Any lower case letter can be represented by as many as 40 different variations."
Nvidia Looks To Gag Journalists With Multi-Year Blanket NDAs
The German website Heise
reports that Nvidia's new non-disclosure agreements (NDAs)
last for five years and are more far reaching than product-specific information. HardOCP explains what NDAs are and shares an excerpt from Heise's report:
First and foremost, I should tell you that NDAs in the tech world are nothing new, but those non-disclosure agreements usually are product-specific and date-specific. Say we agree to get a review sample of video card X. Many times we will get an NDA that is specific to releasing any information shared by card X's representative and a date when we can share that information with you, often referred to as the "embargo date."
[Here's the excerpt from Heise about Nvidia's new NDA]: "The NDA should apply to all information provided by Nvidia, so it did not refer to a specific product or information. There was also no concrete expiration date. It was also full of conditions that ran counter to journalistic principles. Our legal department clapped their hands over their heads as they read the document. In other words, journalists are allowed to write only what fits Nvidia in the junk. In doing so, Nvidia downgrades the independent press into a marketing tool." There are
several
forums discussing Nvidia's new NDA. HardOCP has shared a
copy of the NDA for you to read and make up your own mind.
Uber Granted Short-Term License To Operate In London
Uber has been
granted a short-term license to operate in London following a court hearing. BBC reports:
Transport for London (TfL) refused to renew the license when it expired last September, saying the U.S. taxi app was not a "fit and proper" operator. Uber has now been awarded a license but it has been put on probation for 15 months. The company had been seeking a five-year license when it was refused last year. Following a two-day hearing at Westminster Magistrates' Court, Chief Magistrate Emma Arbuthnot said Uber was now considered "fit and proper." She ordered the company to pay TfL's legal costs of [approximately $562,000].
California Lawmakers Advance Last-Minute Data Privacy Bill
An anonymous reader quotes a report from ABC News:
California state senators advanced a last-minute internet privacy bill Tuesday ahead of a deadline while acknowledging it would need changes if it becomes law. The bill would let consumers ask companies what personal data they collect and opt out of having their data sold, among other privacy provisions. Lawmakers voted to pass the measure, AB375, out of the Senate Judiciary Committee.
The bill is aimed at keeping a related initiative off the November ballot. Lawmakers negotiated it with San Francisco housing developer Alastair Mactaggart, who spent millions of dollars to place the initiative on the ballot. He said he would pull the measure from the ballot if the bill is signed into law by the Thursday deadline to withdraw initiatives. The bill now moves to the Senate Appropriations Committee, a spokeswoman for co-author Sen. Bob Hertzberg, D-Van Nuys, said. The full Assembly and Senate each plan to vote on the bill Thursday. Gov. Jerry Brown's office has not said whether he will sign it.
Facebook Cancels Program To Deliver Internet By Aquila Drones
Wave723 shares a report from IEEE Spectrum:
Facebook's plans to beam high-speed Internet from enormous solar-powered drones in the stratosphere appear to be in disarray. Two key engineers behind its Aquila drones have left the company, and it recently cancelled plans for a secret high-altitude flight campaign at Spaceport America, possibly because Facebook no longer has any aircraft available to deploy.
A trove of emails between Facebook and Spaceport America, obtained under New Mexico public records law and first reported by Business Insider, details the painstaking process of turning a site for rockets and spaceplanes into a testbed for some of the largest drones in the world.
Venezuela Is Blocking Access To the Tor Network
An
Access Now report finds that Venezuela has
blocked all access to the Tor network. "The latest block includes both direct connections to the network and connections over bridge relays, which had escaped many previous Tor blocks," reports The Verge. From the report:
According to network metrics, Tor access in Venezuela had recently spiked in response to recent web blocks placed on local news outlets. Unlike previous blocks, the latest restrictions could not be circumvented by using a censorship-resistant DNS server like those provided by Google and CloudFlare. For many Venezuelans, Tor seems to have been the only way left to access the restricted content. "This is the latest escalation in Venezuela's internet censorship efforts, as it blocks higher-profile sites with more sophisticated methods," said Andres Azpurua of Venezuela Inteligente, in a statement provided through Access. "This is one of their boldest internet censorship actions yet."
Facebook Reverses Its Crypto Ad Ban
Back in January, Facebook
banned cryptocurrency ads because too many companies in this space were "not currently operating in good faith." Now the social media company is
reversing its ban effective immediately. "The company says it will allow ads and related content from 'pre-approved advertisers,' but will still not allow ads promoting binary options and initial coin offerings," reports TechCrunch. From the report:
This time around, it's making advertisers go through an application process to determine their eligibility. Facebook will ask advertisers to include on their applications details like what licenses they've obtained, whether they're a publicly traded company, and other relevant background information regarding their business. How thoroughly this information is fact-checked by Facebook staff remains unclear.
The company reminded users in the same announcement that they should continue to flag ad content that violates its guidelines. In other words, expect some bad ads to get through. Facebook explains its new requirements will keep some crypto advertisers from being able to hawk their businesses on the social network, but adds that its policy in this area continues to be a work in progress. Facebook's Product Management Director, Rob Leathern, made the
announcement.
Mumbai Bans Plastic Bags, Bottles, and Single-Use Plastic Containers
An anonymous reader quotes a report from The Guardian:
Mumbai has the become the largest Indian city to ban single-use plastics, with residents caught using plastic bags, cups or bottles to face penalties of up to 25,000 rupees (~$365) and three months in jail from Monday. Council inspectors in navy blue jackets have been posted across the city to catch businesses or residents still using plastic bags. Penalties have already kicked in for businesses and several, reportedly including a McDonald's and Starbucks, have already been fined. Penalties range from 5,000 rupees (~$73) for first-time offenders to 25,000 rupees (~$365) and the threat of three months' jail for those caught repeatedly using single-use plastics.
NASA Asks: Will We Know Life When We See It?
In the last decade, we have discovered thousands of planets outside our solar system and have learned that rocky, temperate worlds are numerous in our galaxy. The next step will involve asking even bigger questions. Could some of these planets host life? And if so, asks NASA,
will we be able to recognize life elsewhere if we see it? From a blog post on NASA's website:
A group of leading researchers in astronomy, biology and geology has come together under NASA's Nexus for Exoplanet System Science, or NExSS, to take stock of our knowledge in the search for life on distant planets and to lay the groundwork for moving the related sciences forward.
"We're moving from theorizing about life elsewhere in our galaxy to a robust science that will eventually give us the answer we seek to that profound question: Are we alone?" said Martin Still, an exoplanet scientist at NASA Headquarters, Washington. In a set of five review papers published last week in the scientific journal Astrobiology, NExSS scientists took an inventory of the most promising signs of life, called biosignatures. The paper authors include four scientists from NASA's Jet Propulsion Laboratory in Pasadena, California. They considered how to interpret the presence of biosignatures, should we detect them on distant worlds. A primary concern is ensuring the science is strong enough to distinguish a living world from a barren planet masquerading as one.
The Quest To Make Super-Cold Quantum Blobs in Space
Last January in northern Sweden, a German-led team of physicists loaded a curious machine onto an unmanned rocket. The payload, about as tall as a single-story apartment, was essentially a custom-made freezer -- a vacuum chamber, with a small chip and lasers within, that could cool single atoms near absolute zero.
It may sound like a bizarre experiment, but it is
something physicists have been aching to do for years. They launched the rocket about 90 miles past the atmosphere's boundary of outer space, monitoring a livestream from a heated building nearby. Then, just 17 minutes later, they watched as the freezer plummeted back down to Earth, landing via parachute on snowy ground 40 miles from the launch site. Wired elaborates:
See, the freezer that the Germans launched has the ability to make atoms clump together in a cloud-like blob called a Bose-Einstein condensate -- a phase of matter that exhibits some truly bizarre properties. It's delicate enough to respond to tiny fluctuations in gravity and electromagnetic fields, which means it could someday make for a super-precise sensor in space. But down on Earth, it tends to collapse in a matter of milliseconds because of gravity. So the blobs had to go to space. Since the late '90s, physicists have been developing machines that can autonomously assemble and control the blobs during spaceflight. With this rocket launch, they've succeeded. The group in Germany, led by physicist Ernst Rasel of University of Hannover, just released pictures of blobs they managed to create [PDF], as well as precise measurements of how they jiggled during their brief trip. "They've essentially laid the groundwork to show that you can actually do this, and it's not totally insane," says physicist Nathan Lundblad of Bates College.
The Biggest Digital Heist in History Isn't Over Yet
There are cyberheists, and then there's
Carbanak, a cybercriminal gang that has stolen about $1.2 billion from more than 100 banks in 40 nations. The suspected 34-year-old ringleader is under arrest, but the whopping $1.2 billion amount remains missing. And to add insult to the injury, the malware attacks live on. Bloomberg Businessweek has an insightful story on this, which includes comments from none other than Europol itself, on the chase to catch Carabanak which has lasted for three years.
Some excerpts from the story:
Before WannaCry, before the Sony Pictures hack, and before the breaches that opened up Equifax and Yahoo!, there was a nasty bit of malware known as Carbanak. Unlike those spectacular attacks, this malware wasn't created by people interested in paralyzing institutions for ransom, publishing embarrassing emails, or taking personal data. The Carbanak guys just wanted loot, and lots of it.
Since late 2013, this band of cybercriminals has penetrated the digital inner sanctums of more than 100 banks in 40 nations, including Germany, Russia, Ukraine, and the U.S., and stolen about $1.2 billion, according to Europol, the European Union's law enforcement agency. The string of thefts, collectively dubbed Carbanak -- a mashup of a hacking program and the word "bank" -- is believed to be the biggest digital bank heist ever. In a series of exclusive interviews with Bloomberg Businessweek, law enforcement officials and computer-crime experts provided revelations about their three-year pursuit of the gang and the mechanics of a caper that's become the stuff of legend in the digital underworld.
Besides forcing ATMs to cough up money, the thieves inflated account balances and shuttled millions of dollars around the globe. Deploying the same espionage methods used by intelligence agencies, they appropriated the identities of network administrators and executives and plumbed files for sensitive information about security and account management practices. The gang operated through remotely accessed computers and hid their tracks in a sea of internet addresses.
Hundreds of Hotels Affected by Data Breach at Hotel Booking Software Provider
Catalin Cimpanu, reporting for BleepingComputer:
The personal details and payment card data of guests from hundreds of hotels, if not more, have been stolen this month by an unknown attacker, Bleeping Computer has learned. The data was taken from FastBooking, a Paris-based company that sells hotel booking software to more than 4,000 hotels in 100 countries -- as it claims on its website.
In emails the company sent out to affected hotels today, FastBooking revealed the breach took place on June 14, when an attacker used a vulnerability in an application hosted on its server to install a malicious tool (malware). This tool allowed the intruder remote access to the server, which he used to exfiltrate data. The incident came to light when FastBooking employees discovered this malicious tool on its server.
Fortnite is Generating More Revenue Than Any Other Free Game Ever
Fortnite: Battle Royale has brought in more revenue in a single month than any other game of its kind, industry estimates suggest. Recode:
The free-to-play game hit a new revenue record of $318 million in May, according to SuperData Research. That puts Fornite well ahead of other breakout games like Pokemon Go and Clash of Clans, and it's all the more spectacular when you realize the multi-platform game launched on consoles just eight months ago and on iOS just three months ago. Since then, Fortnite has brought in more than $1.2 billion in revenue, all of which comes from nonessential in-app purchases, for stuff like clothing and dance moves.
Firefox 61 Arrives With Better Search, Tab Warming, and Accessibility Tools Inspector
On Tuesday,
Mozilla released Firefox 61, the newest version of its web browser for Windows, Mac, Linux, and Android platforms. The release builds on Firefox Quantum, which the company calls "by far the biggest update since Firefox 1.0 in 2004." VentureBeat:
Version 61 brings TLS 1.3, the ability to add custom search engines to the location bar, tab warming, retained display lists, WebExtension tab management, and the Accessibility Tools Inspector. Mozilla doesn't break out the exact numbers for Firefox, though the company does say "half a billion people around the world" use the browser. In other words, it's a major platform that web developers have to consider.
Judge Rules Big Oil Can't Be Sued For Climate Change Costs
An anonymous reader shares a report:
A U.S. judge who held a hearing about climate change that received widespread attention ruled Monday that Congress and the president were best suited to address the contribution of fossil fuels to global warming. So he threw out lawsuits that sought to hold big oil companies liable for the Earth's changing environment. Noting that the world has also benefited significantly from oil and other fossil fuel, Judge William Alsup said questions about how to balance the "worldwide positives of the energy" against its role in global warming "demand the expertise of our environmental agencies, our diplomats, our Executive, and at least the Senate. The problem deserves a solution on a more vast scale than can be supplied by a district judge or jury in a public nuisance case," he said. Alsup's ruling came in lawsuits brought by San Francisco and neighboring Oakland that accused Chevron (CVX), Exxon Mobil (XOM), ConocoPhillips (COP), BP (BP) and Royal Dutch Shell (RDS.A) of long knowing that fossil fuels posed serious risks to the environment, but still promoting them as environmentally responsible.
Wi-Fi Alliance Launches WPA3 Security Standard
wiredmikey writes:
The Wi-Fi Alliance, the organization responsible for maintaining Wi-Fi technology, announced the launch of the WPA3 security standard. The latest version of the Wi-Fi Protected Access (WPA) protocol brings significant improvements in terms of authentication and data protection.
WPA3 has two modes of operation: Personal and Enterprise. WPA3-Personal's key features include enhanced protection against offline dictionary attacks and password guessing attempts. WPA3-Enterprise provides 192-bit encryption for extra security, improved network resiliency, and greater consistency when it comes to the deployment of cryptographic tools.
AIM Has Been Resurrected. Kind Of.
AOL
discontinued AIM, its 20-year-old iconic instant messaging service, last December,
months after cutting third-party access to it. Now Motherboard reports a a small team of developers has
resurrected it with a private server. From the report:
The new chat service is called AIM Phoenix, and it works by running the messages through a private Dynamic DNS run by Wildman Productions, a non-profit group of hobbyist programers. This isn't a new AIM client, it literally uses the old software running on a new server, so it looks and feels exactly like AIM. It's simple to set up. First, you download an old version of AIM from the AIM Phoenix website, register for a new username, tweak the settings to reroute through Wildman Productions' server, and then open yourself up the nostalgic glory of Web 2.0. The old versions of AIM are touchy on new machines and I had to play with a few different versions before I got 5.0 working on my Windows 10 machine.
57% of Tech Workers Are Suffering From Job Burnout, Survey Finds
An anonymous reader writes:
A survey conducted among the tech workers, including many employees of Silicon Valley's elite tech companies, has revealed that over 57% of respondents are suffering from job burnout. The survey was carried out by the makers of an app that allows employees to review workplaces and have anonymous conversations at work, behind their employers' backs. Over 11K employees answered one question -- if they suffer from job burnout, and 57.16% said "Yes."
The company with the highest employee burnout rate was Credit Karma, with a whopping 70.73%, followed by Twitch (68.75%), Nvidia (65.38%), Expedia (65.00%), and Oath (63.03% -- Oath being the former Yahoo company Verizon bought in July 2017). On the other end of the spectrum, Netflix ranked with the lowest burnout rate of only 38.89%, followed by PayPal (41.82%), Twitter (43.90%), Facebook (48.97%), and Uber (49.52%).
Last Year's ICOs Had Five Security Vulnerabilities On Average, Say Researchers
An anonymous reader quotes a report from Bleeping Computer:
Security researchers have found, on average, five security flaws in each cryptocurrency ICO held last year. Only one ICO held in 2017 did not contain any critical flaws. According to Positive.com, a security firm specialized in ICO security audits, most of the vulnerabilities they found, they discovered in the smart contracts at the base of the ICO itself.
"71% of tested projects contained vulnerabilities in smart contracts, the heart and soul of an ICO," the company said. "Once an ICO starts, the contract cannot be changed and is open to everyone, meaning anyone can view it and look for flaws. Typically, these would consist of non compliance with the ERC20 standard (the token interface for digital wallets and cryptocurrency exchanges), incorrect random number generation and incorrect scoping amongst others," Positive.com experts say. "Generally, these vulnerabilities occur due to lack of programmer expertise and insufficient source code testing." According to the researchers, all the mobile apps ICO organizers have launched in 2017 contained security flaws. "The most common flaws in mobile apps are the use of insecure data transfer methods, storage of user data in phone backups, and disclosure of session IDs that an attacker could capture and use against the user," reports Bleeping Computer. Security bugs were also found in the web apps.
Voices of Millions of UK Taxpayers Stored By HMRC
AmiMoJo shares a report from BBC:
The voices of millions of taxpayers have been analyzed and stored by HM Revenue and Customs (HMRC) without consent, privacy campaigners say. Big Brother Watch says HMRC's Voice ID system has collected 5.1 million audio signatures and accuses the department of creating "biometric ID cards by the back door." The Voice ID scheme, which was launched last year, asks callers to repeat the phrase "my voice is my password" to register. Once this task is complete, they can use the phrase to confirm their identity when managing their taxes.
Russia's Proton Rocket, Which Predates Apollo, Will Finally Stop Flying
The Russian-manufactured Proton rocket that has been traveling into space since before humans landed on the Moon
will finally stop flying. "In
an interview with a Russian publication, Roscosmos head Dmitry Rogozin said production of the Proton booster will cease as production shifts to the new Angara booster," reports Ars Technica. "No new Proton contracts are likely to be signed." From the report:
First launched in 1965, the rocket was initially conceived of as a booster to fly two-person crews around the Moon, as the Soviet Union sought to beat NASA into deep space. Indeed, some of its earliest missions launched creatures, including two turtles, to the Moon and back. The decision will bring down the curtain on one of the longest-used and most versatile rockets in world history. As the United States developed the space shuttle in the 1970s and began flying it in the 1980s, the Russian space agency saw the opportunity to commercialize the Proton rocket, and by the end of the 1990s, the booster became a major moneymaker for the Russian space industry. With a capacity of 22.8 tons to low-Earth orbit, it became a dominant player in the commercial market for heavier satellites. An increasing rate of failures, combined with the rise of SpaceX's cheaper Falcon 9 rockets, "have caused the number of Proton launches in a given year to dwindle from eight or so to just one or two," adds Ars. "This shrinking market has opened the door to the
Angara rocket, which has the advantage of not using environmentally hazardous fuel for each of its stages..."
Should have just followed NY
https://en.wikipedia.org/wiki/...
Get that "track people within seconds" and years of quality.