In a Bid To Curtail Spread of Misinformation, Facebook's WhatsApp Now Tells Users When a Message Has Been Forwarded
In a bid to fight the spread of misinformation on its platform, Facebook-owned WhatsApp announced on Tuesday that it is launching a new feature globally that will highlight when a message has been forwarded versus composed by the sender. At the centre of the issue is high-volume sharing of misleading and false information, often arching political and religious sentiments, that is tricking a significant number of WhatsApp users. (WhatsApp is used by more than a billion users worldwide.) From a report:
From now on, WhatsApp will put a "forwarded" label on these messages. "This extra context will help make one-on-one and group chats easier to follow. It will also help you determine if your friend or relative wrote the message they sent or if it came from someone else," the company said in a note. "WhatsApp cares deeply about your safety. We encourage you to think before sharing forwarded messages. As a reminder, you can report spam or block a contact in one tap and always reach out to WhatsApp directly for help," it added. To see this new forwarded label, users are required to have the newest supported version of WhatsApp on their phones. Additionally, this week the company relaunched a campaign in India as part of which it is running full-page ads on several newspapers in the country to create awareness about the issue.
Supreme Court Nominee Brett Kavanaugh Opposes Net Neutrality
An article currently on Ars Technica examines comments about net neutrality issues by recent Supreme Court nominee Brett Kavanaugh. Kavanaugh not only rejects the FCC's reclassification of ISPs under Title II, but seems to also support a broad First Amendment right to "editorial control," allowing ISPs to selectively block, filter, or modify transmitted data.
Kavanaugh compares ISPs to cable TV operators, rather than phone companies. "Deciding whether and how to transmit ESPN and deciding whether and how to transmit ESPN.com are not meaningfully different for First Amendment purposes." Here's what Ars Technica had to say about Kavanaugh's argument, which did not address the business differences between cable TV and internet service: "Cable TV providers generally have to pay programmers for the right to carry their channels, and cable TV providers have to fit all the channels they carry into a limited amount of bandwidth. At least for now, major internet providers don't offer a set package of websites -- they just route users to whichever sites the users are requesting. ISPs also don't have to pay those websites for the right to 'transmit' them, but ISPs have argued that they should be able to demand fees from websites."
The report also mentions Kavanaugh's support of NSA surveillance: "In November 2015, Kavanaugh was part of a unanimous decision when the DC Circuit denied a petition to rehear a challenge to the NSA's bulk collection of telephone metadata. Kavanaugh was the only judge to issue a written statement, which said that '[t]he Government's collection of telephony metadata from a third party such as a telecommunications service provider is not considered a search under the Fourth Amendment.' Even if this form of surveillance constituted a search, it wouldn't be an 'unreasonable' search and therefore it would be legal, Kavanaugh also wrote."
Orlando Police Decide To Keep Testing Controversial Amazon Facial Recognition Program
Despite previous reports that the program has been ended, the Orlando Police Department in Florida is planning to continue its test of Amazon's real-time facial recognition system. "News of OPD supposedly ending its use of Rekognition on footage captured by a number of CCTV cameras came just a day after the ACLU sent a letter to Orlando Mayor Buddy Dyer regarding the face recognition program," reports Gizmodo. "But the end date for the initial pilot period had already been selected -- it just happened to coincide with the ACLU's report and the ensuing backlash from civil rights groups." From the report:
While the original test period ended, the OPD will soon sit down with Amazon representatives to outline the new pilot, the police department told the Orlando Sentinel. "It's really to prevent the next tragedy," Orlando Police Chief John Mina said. Now, with the program set to continue, Dyer says the practice is not as dystopian as it seems.
Details on the new pilot are sparse. OPD confirmed it will test Rekognition on at least eight cameras, as it did before, though their location isn't known. In the previous trial program, five Rekognition-enabled cameras captured footage at OPD headquarters, while three additional cameras were positioned in downtown Orlando. During its initial testing phase, Rekognition will scan officers' faces against a face database made up of volunteers. The plan, the OPD memo explains, is for officers themselves to walk in front of the cameras and record how accurately the technology recognizes them from different angles, with different clothes, or other variables. It's not known how long this initial testing phase will last, though the city plans to draft proposed regulations before any public rollout begins. It's worth noting that the pilot itself requires no public approval and Dyer has wholeheartedly supported Rekognition. "No images of the public will be used for any testing," OPD said in a statement.
Nearly 1,000 Paintings/Drawings By Vincent Van Gogh Now Digitized, Released Online
An anonymous reader quotes a report from Open Culture:
Every artist explores dimensions of space and place, orienting themselves and their works in the world, and orienting their audiences. Then there are artists like Vincent van Gogh, who make space and place a primary subject. [...] The opportunity to see all of Van Gogh's bedroom paintings in one place may have passed us by for now -- an exhibit in Chicago brought them together in 2016. But we can see the original bedroom at the yellow house in Arles in a virtual space, along with almost 1,000 more Van Gogh paintings and drawings, at the Van Gogh Museum in Amsterdam's site. The digitized collection showcases a vast amount of Van Gogh's work -- including not only landscapes, but also his many portraits, self-portraits, drawings, city scenes, and still-lifes.
The Van Gogh Museum houses the largest collection of the artist's work in the world. On their website you can read essays about his life and work, plan a visit, or shop at the online store. But most importantly, you can experience the stunning breadth of his art through your screen -- no replacement for the physical spaces of galleries, but a worthy means nonetheless of communing with Van Gogh's vision.
Malware Found in Arch Linux AUR Package Repository
An anonymous reader shares a report:
Malware has been discovered in at least three Arch Linux packages available on AUR (Arch User Repository), the official Arch Linux repository of user-submitted packages. The malicious code has been removed thanks to the quick intervention of the AUR team. The incident happened because AUR allows anyone to take over "orphaned" repositories that have been abandoned by their original authors. On Saturday, a user going by the pseudonym of "xeactor" took over one such orphaned package named "acroread" that allows Arch Linux users to view PDF files. According to a Git commit to the package's source code, xeactor added malicious code that would download a file named "~x" from ptpb [dot] pw, a lightweight site mimicking Pastebin that allows users to share small pieces of texts.
Ex-Apple Worker Charged With Stealing Self-Driving Car Trade Secrets
U.S. authorities on Monday charged a former Apple employee with theft of trade secrets, alleging that the person downloaded a secret blueprint related to a self-driving car to a personal laptop and later tried to flee the country, according to a criminal complaint filed in federal court. From a report:
The complaint said that the former employee, Xiaolang Zhang, disclosed intentions to work for a Chinese self-driving car startup and booked a last-minute flight to China after downloading the plan for a circuit board for the self-driving car. Authorities arrested Zhang on July 7 at the San Jose airport after he passed through a security checkpoint. "Apple takes confidentiality and the protection of our intellectual property very seriously," Apple said in a statement. "We're working with authorities on this matter and will do everything possible to make sure this individual and any other individuals involved are held accountable for their actions."
PayPal Told Customer Her Death Breached Its Rules
dryriver shares a report from the BBC:
PayPal wrote to a woman who had died of cancer saying her death had breached its rules and that it might take legal action as a consequence. The firm has since acknowledged that the letter was "insensitive," apologized to her widower, and begun an inquiry into how it came to be sent.
Lindsay Durdle died on May 31 aged 37. She had been first diagnosed with breast cancer about a year-and-a-half earlier. The disease had later spread to her lungs and brain. PayPal was informed of Mrs Durdle's death three weeks ago by her husband Howard Durdle. He provided the online payments service with copies of her death certificate, her will and his ID, as requested. He has now received a letter addressed in her name, sent to his home in Bucklebury, West Berkshire. It was headlined: "Important: You should read this notice carefully." It said that Mrs Durdle owed the company about 3,200 pounds (~$4,200) and went on to say: "You are in breach of condition 15.4(c) of your agreement with PayPal Credit as we have received notice that you are deceased... this breach is not capable of remedy." According to a PayPal staff member, there were three possible explanations for how the letter was sent: a bug, a bad letter template, or human error. PayPal is continuing to work with Mr Durdle and has written off the debt in the meantime.
DOJ Reaches Settlement On Publication of Files About 3D Printed Firearms
He Who Has No Name writes:
Those who remember Cody Wilson and Defense Distributed -- the self-described cryptoanarchist and his organization that published plans for 3D printable firearm parts, respectively -- also remember that not long after the plans for the printable Liberator single-shot pistol hit the web, the Department of State seized the Defense Distributed website and prohibited Wilson from publishing 3D printable firearm plans, claiming violations of ITAR -- the International Traffic in Arms Regulation, a U.S. law taxing and restricting the distribution of a wide variety of physical goods listed as having military value. Slashdot covered the website seizure here (the Department of Defense was initially misreported in sources to have been the agency responsible).
In both a First and Second Amendment win, the Second Amendment Foundation has settled with the Department of State after suing on behalf of Defense Distributed. Slashdot reader schwit1 shares an excerpt from the report: "Under terms of the settlement, the government has agreed to waive its prior restraint against the plaintiffs, allowing them to freely publish the 3-D files and other information at issue. The government has also agreed to pay a significant portion of the plaintiffs' attorney's fees, and to return $10,000 in State Department registration dues paid by Defense Distributed as a result of the prior restraint. Significantly, the government expressly acknowledges that non-automatic firearms up to .50-caliber -- including modern semi-auto sporting rifles such as the popular AR-15 and similar firearms -- are not inherently military."
Apple's China-Friendly Censorship Caused An iPhone-Crashing Bug
Security researcher Patrick Wardle helped Apple fix a bug that would crash apps displaying the word "Taiwan" or the Taiwanese flag emoji. Some iPhones could be remotely crashed by something as simple as receiving a text message with the Taiwanese flag. Apple confirmed the fix in a security update Monday. Wired reports:
"Basically Apple added some code to iOS with the goal that phones in China wouldn't display a Taiwanese flag," Wardle says, "and there was a bug in that code." Since at least early 2017, iOS has included that Chinese censorship function: Switch your iPhone's location setting to China, and the Taiwanese flag emoji essentially disappears from your phone, evaporating from its library of emojis and appearing as a "missing" emoji in any text that appears on the screen. That code likely represents a favor from Apple to the Chinese government, which for the last 70 years has maintained that Taiwan is a part of China and has no legitimate independent government.
But Wardle found that in some edge cases, a bug in the Taiwan-censorship code meant that instead of treating the Taiwan emoji as missing from the phone's library, it instead considered it an invalid input. That caused phones to crash altogether, resulting in what hackers call a "denial of service" attack that would let anyone crash a vulnerable device on command. Wardle's still not sure how many devices are affected, or what caused that bug to be triggered only in some iOS devices and not others, but he believes it has something to do with the phone's location and language settings. Wardle has more details of the bug on his blog.
DOD Seeks Classification 'Clippy' To Help Classify Data, Control Access
An anonymous reader quotes a report from Ars Technica:
The DOD has issued a request for information (RFI) from industry in a quest for technology that will prevent the mislabeling and accidental (or deliberate) access and sharing of sensitive documents and data. In an announcement posted in May by the Defense Information Systems Agency (DISA), the Pentagon stated that the DOD CIO's office -- part of the Office of the Secretary of Defense -- is "investigating the use of commercial solutions for labeling and controlling access to sensitive information." Defense IT officials are seeking software that "must be able to make real-time decisions about the classification level of the information and an individual's ability to access, change, delete, receive, or forward the information based on the credentials of the sending and/or receiving individual, facility, and system."
In other words, the DOD is looking for a classification Clippy. In a response to questions regarding the RFI issued in late June, DOD officials said that the system should be able to ideally protect "any file type on a Microsoft operating system (OS) file system and active directory domain."
Researchers Devise AI System To Reduce Noise in Photos
Researchers from Nvidia, MIT, and Aalto University are using artificial intelligence to reduce noise in photos. The team used 50,000 images from the ImageNet dataset to train its AI system for reconstructing photos, and the system is able to remove noise from an image even though it has never seen the image without noise. VentureBeat:
Named Noise2Noise, the AI system was created using deep learning and draws its intelligence from 50,000 images from the ImageNet database. Each came as a clean, high-quality image without noise but was manipulated to add randomized noise. Computer-generated images and MRI scans were also used to train Noise2Noise. Denoising or noise reduction methods have been around for a long time now, but methods that utilize deep learning are a more recent phenomenon.
Hacker Breaches Chrome Extension of Popular VPN Service Hola, Directs Users To Compromised Cryptocurrency Website
Catalin Cimpanu, reporting for BleepingComputer:
Is iOS 11.4 Draining Your iPhone's Battery? You're Not Alone
If you've noticed that the battery life on your iPhone is not what it used to be, it's likely that the problem isn't with your iPhone or some setting or app, but a bug in iOS 11.4. From a report:
Apple's support forum has been blowing up with complaints from users that battery life has been seriously curtailed since installing iOS 11.4. The problem seems to be reasonably widespread and affects the iPhone line up across the board. I've seen this issue on the iPhones that I use. It seems to be accompanied by the device running unusually hot.
With So Many Eyeballs, Is Open Source Security Better?
Sean Michael Kerner, writing for eSecurity Planet:
Back in 1999, Eric Raymond coined the term "Linus' Law," which stipulates that given enough eyeballs, all bugs are shallow. Linus' Law, named in honor of Linux creator Linus Torvalds, has for nearly two decades been used by some as a doctrine to explain why open source software should have better security. In recent years, open source projects and code have experienced multiple security issues, but does that mean Linus' Law isn't valid?
According to Dirk Hohndel, VP and Chief Open Source Officer at VMware, Linus' Law still works, but there are larger software development issues that impact both open source as well as closed source code that are of equal or greater importance. "I think that in every development model, security is always a challenge," Hohndel said. Hohndel said developers are typically motivated by innovation and figuring out how to make something work, and security isn't always the priority that it should be. "I think security is not something we should think of as an open source versus closed source concept, but as an industry," Hohndel said.
Apple To Deploy 1Password To All 123,000 Employees; In Talks To Acquire Password Manager's Parent-Firm AgileBits: Report
Jonathan S. Geller, reporting for BGR:
Apple acquires an average of 15 to 20 companies a year, according to CEO Tim Cook. Of that number, we only hear about a couple, as most of these acquisitions or acqui-hires are not consumer-facing, nor disclosed. However, we have exclusively learned that Apple is planning an interesting partnership and a potential acquisition of AgileBits, maker of the popular password manager 1Password.
According to our source, after many months of planning, Apple plans to deploy 1Password internally to all 123,000 employees. This includes not just employees in Cupertino, but extends all the way to retail, too. Furthermore, the company is said to have carved out a deal that includes family plans, giving up to 5 family members of each employee a free license for 1Password. With more and more emphasis on security in general, and especially at Apple, there are a number of reasons this deal makes sense. We're told that 100 Apple employees will start using 1Password through this initiative starting this week, with the full 123,000+ users expected to be activated within the next one to two months.
Update: In a statement, 1Password said rumors of its acquisition were "
BlackTech Threat Group Steals D-Link Certificates To Spread Backdoor Malware
Security researchers have discovered a new malicious campaign that utilizes stolen D-Link certificates to sign malware. From a report:
A lesser-known cyber-espionage group known as BlackTech was caught earlier this month using a stolen D-Link certificate to sign malware deployed in a recent campaign. "The exact same certificate had been used to sign [official] D-Link software; therefore, the certificate was likely stolen," says Anton Cherepanov, a security researcher for Slovak antivirus company ESET, and the one who discovered the stolen cert. Cherepanov says BlackTech operators used the stolen cert to sign two malware payloads -- the first is the PLEAD backdoor, while the second is a nondescript password stealer. According to a 2017 Trend Micro report, the BlackTech group has used the PLEAD malware in the past. Just like in previous attacks, the group's targets for these most recent attacks were again located in East Asia, particularly in Taiwan. The password stealer isn't anything special, being capable of extracting passwords from only four apps -- Internet Explorer, Google Chrome, Mozilla Firefox, and Microsoft Outlook.
In World First, Danish Court Rules Stream-Ripping Site Illegal
An anonymous reader shares a report:
Convert2MP3 is a site that allows users to download audio from platforms including YouTube. Following legal action carried out by Rights Alliance on behalf of music industry group IFPI, Convert2MP3 has been declared unlawful by a Danish court which has now ordered ISPs to block it. It's the first time worldwide that a so-called stream-ripping site has been declared illegal.
YouTube Is Fighting Conspiracy Theories With 'Authoritative' Context and Outside Links
In an effort to reduce misinformation on YouTube, the video-sharing website will be adding "authoritative" context to search results about conspiracy-prone topics, as well as putting $25 million toward news outlets producing videos. YouTube made the announcement today as part of a new step in its Google News Initiative, a journalism-focused program that aims to help publishers earn revenue and combat fake news. The Verge reports:
This update includes new features for breaking news updates and long-standing conspiracy theories. YouTube is implementing a change it announced in March, annotating conspiracy-related pages with text from "trusted sources like Wikipedia and Encyclopedia Britannica." And in the hours after a major news event, YouTube will supplement search results with links to news articles, reasoning that rigorous outlets often publish text before producing video.
YouTube is also funding a number of partnerships. It's establishing a working group that will provide input on how it handles news, and it's providing money for "sustainable" video operations across 20 markets across the world, in addition to expanding an internal support team for publishers.
China Internet Report 2018
At Rise Conference in Hong Kong on Tuesday, Abacus executive producer Ravi Hiranand, South China Morning Post technology editor Chua Kong Ho, and 500 Startups partner Edith Yeung presented China Internet Report 2018, highlighting the big names and wider trends shaping China's technology. The
China has nearly 3 times the number of internet users as the United States, and the gap will only widen: China has 772 million internet users, vastly more than the 292 million in the US. And there's still plenty of room to grow -- internet penetration is only at 55% in China, while in the US, it's 89%.
Beijing is China's unicorn capital: Some of China's biggest tech giants may have started in Shenzhen, but Beijing leads the way with 31 tech unicorns. (Shenzhen has just 11!)
China's internet giants are doing everything: From streaming video to self-driving cars, the big three (Baidu, Alibaba and Tencent) are present in almost every tech sector, either by investing in startups or by building it themselves.
Government policy continues to actively shape China's tech industry.
China's online shopping giants are going offline.
China loves short videos.
WeChat's mini-programs are cementing its place as China's virtual mobile operating system: Mini-programs, which are no bigger than 10 megabytes and run in the WeChat app, are gaining ground -- WeChat now hosts 1 million mini-apps, and the number of people who use them daily is expected to reach 400 million.
China lags behind the US in AI, but the government wants to catch up -- soon.
China is making smart speakers but Chinese users aren't buying them: There are now over 100 smart speaker developers in the country (including all of the tech giants), but demand isn't there yet -- in 2017, only 350,000 smart speakers were sold in China, compared to 25 million in the US.
China is now the world's biggest gaming market: It accounts for more than a quarter of the world's total gaming revenue (the US is close behind in second). And it's dominated by two players: Tencent and NetEase, who jointly have over 60% market share in China.
Half of ICOs Die Within Four Months After Token Sales Finalized
An anonymous reader quotes a report from Bloomberg:
About 56 percent of crypto startups that raise money through token sales die within four months of their initial coin offerings. That's the finding of a Boston College study that analyzed the intensity of tweets from the startups' Twitter accounts to infer signs of life. The researchers determined that only 44.2 percent of startups survive after 120 days from the end of their ICOs. The researchers, Hugo Benedetti and Leonard Kostovetsky, examined 2,390 ICOs that were completed before May.
Acquiring coins in an ICO and selling them on the first day is the safest investment strategy, Kostovetsky said in a phone interview. But many individual investors can't participate in ICOs, so this option isn't open to them. Still, all investors should probably sell their coins within the first six months, the study found. "What we find is that once you go beyond three months, at most six months, they don't outperform other cryptocurrencies," Kostovetsky said. "The strongest return is actually in the first month." The Boston College study also found that ICO returns are declining, as startups have become savvier about pricing coin offerings and more people have jumped into ICO investing. According to Bloomberg, "Returns of people who sold tokens on the first day they were listed on an exchange have been declining by four percentage points a month, Kostovetsky said."
Scientists Discover the World's Oldest Colors
1.1 billion-year-old bright pink pigments extracted from rocks deep beneath the Sahara desert in Africa are the oldest colors on record. They were discovered by scientists from The Australian National University (ANU), with support from Geoscience Australia and researchers in the United States and Japan. Phys.Org reports:
Dr. Nur Gueneli from ANU said the pigments taken from marine black shales of the Taoudeni Basin in Mauritania, West Africa, were more than half a billion years older than previous pigment discoveries. The fossils range from blood red to deep purple in their concentrated form, and bright pink when diluted. The researchers crushed the billion-year-old rocks to powder, before extracting and analyzing molecules of ancient organisms from them.
"The precise analysis of the ancient pigments confirmed that tiny cyanobacteria dominated the base of the food chain in the oceans a billion years ago, which helps to explain why animals did not exist at the time," Dr. Gueneli said. Senior lead researcher Associate Professor Jochen Brocks from ANU said that the emergence of large, active organisms was likely to have been restrained by a limited supply of larger food particles, such as algae. "Algae, although still microscopic, are a thousand times larger in volume than cyanobacteria, and are a much richer food source," said. The study has been published in the journal PNAS.
Nitrogen Is In Liquid Metal Form Inside Earth's Core
A team of scientists from China, the U.S., and U.K. successfully turned nitrogen, the dominant gas in Earth's atmosphere, into a metallic fluid by subjecting it to the extreme pressure and temperature conditions found deep inside the Earth and other planets. Their findings have been published in the journal Nature Communications.
"Our findings could inform the efforts to create forms of energetic nitrogen polymers as well as superconducting, metallic states of a sister diatomic molecule, hydrogen or H2, which could revolutionize the energy sector if reliably synthesized," according to team member Nicholas Holtgrewe. The project was funded by the (U.S.) National Science Foundation, the (U.S.) Army Research Office, the National Natural Science Foundation of China, the Chinese Academy of Science, the British Council Researcher Links Program, and other sources. According to EurekAlert, "The researchers found that the temperature at which nitrogen transitions from insulating to metallic decreases as the pressure increases -- starting at about 1,180,000 times normal atmospheric pressure (120 gigapascals) and 2,720 degrees Celsius (3,000 kelvin)." "This means that, theoretically, nitrogen would remain in its diatomic state in the Earth's mantle but would disassociate into a fluid metal in or just above the core, which potentially has implications for our understanding of the planet's deep nitrogen cycle," said team member Sergey Lobanov.