WASHINGTON DC: The Senate Intelligence Committee concluded [on 25 July 2019] that election systems in all 50 states were targeted by Russia in 2016, largely undetected by the states and federal officials at the time, but at the demand of American intelligence agencies the committee was forced to redact its findings so heavily that key lessons for the 2020 election are blacked out. While the report is not directly critical of either American intelligence agencies or the states, it described what amounted to a cascading intelligence failure, in which the scope of the Russian effort was underestimated, warnings to the states were too muted, and state officials either underreacted or in some cases, resisted federal efforts to offer help.'' https://www.nytimes.com/2019/07/25/us/politics/russian-hack-of-elections-system-was-far-reaching-report-finds.html
Caputo, who previously worked for nuclear plant operator Exelon Corp, told operators this week her aim was "risk-informed decision-making," concentrating regulatory oversight on high-risk problems. "We shouldn't regulate to zero risk," said David Wright, a former South Carolina public-utility commissioner appointed to the NRC board last year. "The NRC mission is reasonable assurance of adequate protection—no more, no less," Wright said. https://www.nbcnews.com/politics/politics-news/nuclear-industry-pushing-fewer-inspections-plants-n983671 What could go wrong?
The electric-car maker said it will do that without light detection and ranging, or lidar, complex sensors that use laser lights to map the environment—technology most autonomous vehicle makers consider necessary. Even with lidar, many of those manufacturers have adopted a slow and deliberate approach to self-driving vehicles, with limited testing on public roads. Tesla shows little sign of such caution. And because autonomous vehicles are largely self-regulated—guided by industry standards but with no clearly enforceable rules—no one can stop the automaker from moving ahead. *The Washington Post* spoke with a dozen transportation officials and executives, including current and former safety regulators, auto industry executives, safety advocacy group leaders and autonomous-vehicle competitors. In interviews, they expressed worries that Tesla's plan to unleash robo-cars on the road on an expedited timeline—likely without regulated vetting—could result in crashes, lawsuits and confusion. Plus, they said, Tesla's promised `full self-driving' features fall short of industry standards for a true autonomous vehicle because humans will still need to be engaged at all times and ready to intervene in the beginning. Some of the people interviewed requested anonymity because of the sensitivity of the matter. ... Tesla has raised eyebrows with its statements that autonomous driving can be achieved through a slimmed-down system that sheds all but the most critical equipment. Musk says he wants Tesla's system to use a combination of cameras and radar sensors that triangulate a field of vision, similar to human eyesight, forgoing lidar. It also forgoes a driver-monitoring camera to improve safety in the cabin, instead relying on torque-sensing steering-wheel monitors to detect whether the driver's hands are on the wheel.
Tesla executives said at an April conference that the company is using its radar and cameras to understand depth around its cars and real-world road conditions, as well as its Shadow Mode, which allows it to test how self-driving technologies perform without actually activating those features -- something the company says lets it train and refine its networks without needing to do the same testing as other companies. “Lidar is lame,'' Musk said in April. Rivals are “all going to dump lidar. That's my prediction. Mark my words.'' Meanwhile, traditional auto-industry executives have preached caution. https://www.washingtonpost.com/technology/2019/07/17/tesla-floats-fully-self-driving-cars-soon-this-year-many-are-worried-about-what-that-will-unleash/
https://www.theregister.co.uk/2019/07/25/a350_power_cycle_software_bug_149_hours/ The airworthiness directive says in part: Prompted by in-service events where a loss of communication occurred between some avionics systems and avionics network, analysis has shown that this may occur after 149 hours of continuous aeroplane power-up. Depending on the affected aeroplane systems or equipment, different consequences have been observed and reported by operators, from redundancy loss to complete loss on a specific function hosted on common remote data concentrator and core processing input/output modules. This condition, if not corrected, could lead to partial or total loss of some avionics systems or functions, possibly resulting in an unsafe condition. I suspect they have a 32-bit counter that updates every 125 microseconds (8kHz). Such a counter will overflow after 149 hours, 7 minutes, 51 seconds.
https://www.washingtonpost.com/business/economy/home-elevator-deaths/2019/07/18/27b53434-968e-11e9-830a-21b9b36b64ad_story.html
Here's a brief transport/automation problem that I encountered last week. During the afternoon of 9 July 2019, the automated AirTrain shuttle service at Newark airport went seriously awry. AirTrain is an unmanned monorail service with a single line that links the airport's three terminals with the parking and car rental facilities, as well as the NJTransit/Amtrak station. Starting about 3.00pm, passengers were instructed by AirTrain staff to evacuate the vehicles, to transfer back and forth between certain trains, and to ignore the automated signs and announcements. Some trains appeared to suddenly reverse direction and return to their origin without visiting the terminals. Others arrived at one end of the line already jammed with passengers who had expected to get to the other end. There were numerous mismatches between the system's destination indicators and the actual train movements. For many dozens of people, what should have been a ten-minute transfer took well over an hour, presumably with a corresponding number of missed flights. There was no indication of any form of police activity or airport security problems, that might have caused the mixup. It would be interesting to find out if anyone actually got to the root of this robotic hijacking incident.
Europe's Galileo satellite navigation system largely regained service Thursday [18 Jul 2019], after a mass outage began on 11 Jul. The European Global Navigation Satellite Systems Agency, known as GSA, said that commercial users would start to see coverage returning, but that there might be "fluctuations" in the system. What remains unclear is what exactly caused the downtime—and why it persisted for so long. https://www.wired.com/story/galileo-satellite-outage-gps/ ices might also be making connections with the Russian (Glonass) and Chinese (Beidou) networks. https://www.bbc.com/news/science-environment-48985399
Everyone knows robot ants can't move a rubber tree plant. Oh shoot, they can! EXCERPT: A team of Swiss researchers with bugs on the brain has created an army of simple robotic "ants" capable of some impressive feats. The takeaway from these 10 gram bots, which are inexpensive to make and surprisingly simple in design? *Teamwork makes the dream work.* As described in a new paper in the journal Nature, the ants can communicate with each other, assign roles among themselves, and complete complex tasks and overcome obstacles together. That means that while simple compared to much more complex autonomous agents, these origami-inspired robots can solve complex challenges, such as navigating uneven surfaces or, yes, moving comparatively huge objects. The robots <https://www.zdnet.com/blog/robotics/>, which are T-shaped and called Tribots by researchers at the Ecole polytechnique federale de Lausanne <https://www.epfl.ch/en/>, a Swiss research institute, have infrared and proximity sensors for detection and communication. Made of foldable thin materials, they're also easy to manufacture. The actuated robots can jump and crawl to explore uneven surfaces. "Their movements are modeled on those of Odontomachus ants," says Zhenishbek Zhakypov, the first author of the Nature article. "These insects normally crawl, but to escape a predator, they snap their powerful jaws together to jump from leaf to leaf."...
*AI will bring many wonders. It may also destabilize everything from nuclear detente to human friendships. We need to think much harder about how to adapt.* EXCERPT: Humanity is at the edge of a revolution driven by artificial intelligence. It has the potential to be one of the most significant and far-reaching revolutions in history, yet it has developed out of disparate efforts to solve specific practical problems rather than a comprehensive plan. Ironically, the ultimate effect of this case-by-case problem solving may be the transformation of human reasoning and decision making. This revolution is unstoppable. Attempts to halt it would cede the future to that element of humanity more courageous in facing the implications of its own inventiveness. Instead, we should accept that AI is bound to become increasingly sophisticated and ubiquitous, and ask ourselves: How will its evolution affect human perception, cognition, and interaction? What will be its impact on our culture and, in the end, our history? Such questions brought together the three authors of this article: a historian and sometime policy maker; a former chief executive of a major technology company; and the dean of a principal technology-oriented academic institution. We have been meeting for three years to try to understand these issues and their associated riddles. Each of us is convinced of our inability, within the confines of our respective fields of expertise, to fully analyze a future in which machines help guide their own evolution, improving themselves to better solve the problems for which they were designed. So as a starting point—and, we hope, a springboard for wider discussion—we are engaged in framing a more detailed set of questions about the significance of AI's development for human civilization... https://www.theatlantic.com/magazine/archive/2019/08/henry-kissinger-the-metamorphosis-ai/592771/
Steven Cheung just read a fun article that has been slashdotted. It's about how a team defeats Cylance, a popular machine-learning-based antivirus software https://www.vice.com/en_us/article/9kxp83/researchers-easily-trick-cylances-ai-based-antivirus-into-thinking-malware-is-goodware Here are more technical details: https://skylightcyber.com/2019/07/18/cylance-i-kill-you/
https://www.cshub.com/attacks/articles/ai-could-escalate-new-type-of-voice-phishing-cyber-attacks While many cyber security professionals have been looking at (and even investing in) the potential benefits of utilizing artificial intelligence (AI) technology within many different business functions, earlier this week, the Israel National Cyber Directorate (INCD) issued a warning of a new type of cyber-attack that leverages AI to impersonate senior enterprise executives. The method instructs company employees to perform transactions including money transfers and other malicious activity on the network. There are recent reports of this type of cyber-attack received at the operational center of the INCD. While business email compromise (BEC) types of fraud oftentimes use social engineering methods for a more effective attack, this new method escalates the attack type by using AI-based software, which makes voice phishing calls to senior executives. --- (Via BreachExchange: https://lists.riskbasedsecurity.com/listinfo/breachexchange)
“We understand that this has been frustrating,'' Uber said in response to one of the riders' complaints. “There was a known issue that caused your authorization hold to be very high. Our team has already fixed this issue. Thank you so much for your patience.'' https://www.washingtonpost.com/technology/2019/07/18/uber-glitch-charges-passengers-times-normal-price-resulting-crosstown-fares-thousands-dollars/
Asha Barbaschow | 11 Jul 2019 https://www.zdnet.com/article/google-says-leaked-assistant-recordings-are-a-violation-of-data-security-policies/ The search giant has confirmed humans are listening in to 'Okay Google' commands, but it says leaking the recordings is a violation of its data security policies. opening text: Earlier this week, a report from Belgium-based VRT NWS revealed that Google employees had been "systematically listening" to audio files recorded by Google Home smart speakers and the Google Assistant smartphone app. The report detailed how employees were listening to excerpts of recordings that are captured when a user activates the device by the usual "Okay Google" or "Hey Google" commands. After obtaining copies of some recordings, VRT NWS reached out to the users and had them verify their voice, or those of their children, talking to the digital assistant.
From a friend, his comments below. "One chief information-security officer at a major bank told us that, in five years, his bank will largely be immune to cyberattacks because it is upgrading from legacy systems that are insecure by default to cutting-edge systems that are secure by design." https://www.wsj.com/articles/u-s-companies-learn-to-defend-themselves-in-cyberspace-11562941994 Um, right. Wish I knew which bank that was so we could short its stock. (Not that IBM Z is *necessarily* more secure, but if they really think `cutting-edge systems' are `secure by design', well ...)
Security does not have a community. It has several siloed, sliced, and separated communities. Security has always taken "security by obscurity" too readily to heart, and despite the fact that we know SBO doesn't work; and even works against us; we still insist on dividing ourselves into smaller and smaller sub-sets. Intelligence doesn't talk to law enforcement which doesn't talk to academia which doesn't talk to business which doesn't talk to military which doesn't talk to industry which doesn't talk to government which doesn't talk to research. In all my decades in the field, I've only ever found two venues that attracted, encouraged, and almost forced the interaction (and often long-term relationships) of all these disparate groups (and more). If you've never been to the Agora meetings, you're too late. I attended the last one yesterday. For the past twenty-five years, those in the know would, every quarter, make every effort to spend Friday morning together. That was it: Friday morning. Three hours long, never more than three main presentations. There were also announcements, job postings, occasional queries, and, every August 15th, storytime. (That's an Agora joke. I don't expect you to get it. If you tell it to someone and they laugh, they've been to Agora recently.) Agora didn't just happen, of course. It was created and diligently (and creatively and competently) managed by Kirk Bailey, later ably assisted by Ann Nagel and Daniel Schwalbe. Also assisted by various students and a whole host of attendees and even companies, but that list would a) make this piece far too long and b) I'd definitely forget someone. Those of us who attended owe them all a debt of gratitude. Kirk's ability to attract speakers was legendary. We heard presentations at Agora I've never heard anywhere else, and some I never thought to hear. 
I recall a drive back after one Agora, when we were discussing a rather lackluster piece, and I was suddenly struck by the fact that, even if this meeting hadn't been sterling, the worst Agora meeting I'd ever attended was better than the best conference I'd ever attended. But the presentations were only half of what made Agora special. The other half was the people you met. People from three-letter agencies. People from high up in important corporations. People who were just there out of interest. People with political and social positions at extravagantly wild variance to your own. I remember, when I was first researching the implications, for security, of the potential capabilities of quantum computers, I got very excited over the possibilities for improving emergency management in the midst of a disaster. At Agora I met a Navy captain who got equally excited over similar possibilities for battle command. A number of us from the SIG drove down for the meetings, despite the three hour trip if nothing went wrong. Highway construction, bridge collapses (that's another Agora joke), local traffic, and border guards could easily double that. But we happily faced eleven hours of travel time for three hours of Agora and, if we were lucky, a couple of hours of "networking" and possibly lunch. We envied the people from the local area, but they weren't the only ones who came. Lots of people regularly came considerable distances. Before governments lost their travel budgets there were pretty much constant attendees from DC and Ottawa. People came from other continents. (Some of the DC crowd were pretty high up in DHS. If I could stay for one of the post-Agora lunches, the DHS guys always tried to grab me for their table. They wanted to know the latest border horror story, and I always had one for them. They regularly fell on the floor laughing about it.) (Recounting those would also make this piece far too long.) You will note that I haven't said where we met.
That's another, well, not so much Agora joke as Agora tribute. Agora was governed by a sort of variant set of Chatham House Rules. What was said at Agora stayed at Agora. As an attendee, you never quoted any of the presentations, or any of the people you talked to at the breaks. For years this was simply understood by all involved. After one notable failure, a more formal NDA was created, but that was late in the game. Agora was the security world's worst kept secret. Nobody blabbed about what was said at Agora, or who went. But, despite the fact that Agora had no legal existence, no bank account, no Website, and no offices, almost everyone who ever attended became an instant devotee, and, often, evangelist. Within a few years of its creation, attendance was hitting 600. During the Great Recession, the slashing of budgets and demands that security people stick to their desks dropped attendance to the 150 region, but, for the past few years it's been back in the 400 range. There was never any charge for membership in, or attendance at, Agora. There was a cost, certainly. Much of that was "sweat equity" on the part of Kirk and a number of others. There were also other direct costs, generally borne by whoever would pay for (or donate) a venue, or mailing costs, or refreshments, or (latterly) the "Agora spam gun." In the end, Agora became a victim of its own success: it just became too hard to find people or institutions willing to donate, provide, pay for, or give priority to rooms big enough for the group to meet. Agora is gone, but leaves a legacy. That legacy is the model. We need a space. Or, more probably, spaces. We need other venues, sites, and/or communities where the various communities can meet. Together. We need others to take up the Agora torch, and create places, physical or virtual, where anyone who is committed to (or even just strongly interested in) security, of whatever type, can meet together and, safely, exchange ideas.
We need spaces where the formal can meet the anarchic, where the business can meet the exploratory, where the old can meet the young and pass along wisdom (and occasional silliness). Hopefully, Agora's death will have been a spawning or a sporing out, and not just a mere termination.
https://www.nytimes.com/2019/07/19/nyregion/subway-service-suspended-mta.html The Metropolitan Transportation Authority attributed the disruption to a `network communications' issue
Avast: More than 180,000 routers in Brazil had their DNS settings changed in Q1 2019. For nearly a year, Brazilian users have been targeted with a new type of router attack that has not been seen anywhere else in the world. The attacks are nearly invisible to end users and can have disastrous consequences, having the ability to lead to direct financial losses for hacked users. What's currently happening to routers in Brazil should be a warning sign for users and ISPs from all over the world, who should take precautions to secure devices before the attacks observed in the South American country spread to them as well. ... https://www.zdnet.com/article/brazil-is-at-the-forefront-of-a-new-type-of-router-attack/
https://arstechnica.com/information-technology/2019/07/dataspii-inside-the-debacle-that-dished-private-data-from-apple-tesla-blue-origin-and-4m-people/
https://gizmodo.com/amazon-prime-day-glitch-let-people-buy-13-000-camera-g-1836487919
Cathrin Schaer, ZDNet, 12 Jul 2019 State of Hesse says student and teacher information could be "exposed" to US spy agencies. https://www.zdnet.com/article/microsoft-office-365-banned-in-german-schools-over-privacy-fears/ opening text: Schools in the central German state of Hesse have been told it's now illegal to use Microsoft Office 365. The state's data-protection commissioner has ruled that using the popular cloud platform's standard configuration exposes personal information about students and teachers "to possible access by US officials". That might sound like just another instance of European concerns about data privacy or worries about the current US administration's foreign policy. But in fact the ruling by the Hesse Office for Data Protection and Information Freedom is the result of several years of domestic debate about whether German schools and other state institutions should be using Microsoft software at all. Besides the details that German users provide when they're working with the platform, Microsoft Office 365 also transmits telemetry data back to the US. Last year, investigators in the Netherlands discovered that that data could include anything from standard software diagnostics to user content from inside applications, such as sentences from documents and email subject lines. All of which contravenes the EU's General Data Protection Regulation, or GDPR, the Dutch said.
Catalin Cimpanu for Zero Day | 12 Jul 2019 Last chance for Europe's top human rights court to rule against dragnet surveillance programs. https://www.zdnet.com/article/sweden-and-uks-surveillance-programs-on-trial-at-the-european-court-of-human-rights/ opening text: This week, the highest body of the European Court of Human Rights heard arguments against the mass surveillance programs of two countries, Sweden and the United Kingdom.
A flaw in the Bluetooth communication protocol may expose modern device users to tracking and could leak their ID, researchers claim. The vulnerability can be used to spy on users despite native OS protections that are in place and impacts Bluetooth devices on Windows 10, iOS, and macOS machines. This includes iPhones, iPads, Apple Watch models, MacBooks, and Microsoft tablets & laptops. On Wednesday, researchers from Boston University David Starobinski and Johannes Becker presented the results of their research at the 19th Privacy Enhancing Technologies Symposium, taking place in Stockholm, Sweden. According to the research paper, Tracking Anonymized Bluetooth Devices (.PDF), many Bluetooth devices will use MAC addresses when advertising their presence to prevent long-term tracking, but the team found that it is possible to circumvent the randomization of these addresses to permanently monitor a specific device. https://www.zdnet.com/article/bluetooth-vulnerability-can-be-exploited-to-track-and-id-iphone-smartwatch-microsoft-tablet-users/
Chris Duckett | 17 Jul 2019 The Communications Alliance has listed 27 other agencies that have tried to access metadata following the introduction of Australia's data retention regime. https://www.zdnet.com/article/clean-energy-regulator-wa-mines-department-and-vet-surgeons-board-trying-to-access-metadata-comms-alliance/ opening text: Agencies trying to access metadata when not specifically listed as an enforcement agency for the purposes of Australia's data retention regime has been labelled as a "serious and persistent phenomenon" by the Communications Alliance industry group. Writing in a submission to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) review of the mandatory data retention regime, Comms Alliance said it was a "problem that continues to grow in magnitude".
Catalin Cimpanu for Zero Day | 16 Jul 2019 App devs delayed upgrading apps, but lost in the long run due to more negative reviews and less Play Store visibility. https://www.zdnet.com/article/permission-greedy-apps-delayed-android-6-upgrade-so-they-could-harvest-more-user-data/ selected text: Android app developers intentionally delayed updating their applications to work on top of Android 6.0, so they could continue to have access to an older permission-requesting mechanism that granted them easy access to large quantities of user data, research published by the University of Maryland last month has revealed. And, ironically, the research team also found that app makers who delayed upgrading their apps to the newer Android 6.0 in order to keep access to a simpler system for harvesting user data received more negative ratings. These negative ratings eventually affected the apps' visibility on the Play Store, where positively-reviewed apps are placed higher in search results and recommendations.
For some rideshare users, a little number can be heavy baggage. https://www.washingtonpost.com/lifestyle/do-drivers-think-youre-a-ridezilla-better-check-your-uber-rating/2019/07/18/8b441588-a291-11e9-b732-41a79c2551bf_story.html
https://www.washingtonpost.com/world/2019/07/20/london-police-twitter-feed-was-hacked-then-trump-got-act/
A mother got out of her car at a supermarket parking lot when suddenly, the central lock activated and locked the car. The key was still inside the car, as was her young son. She immediately called emergency services, who arrived a short time later, broke a window and were able to free the toddler from the car, which had already heated up considerably. https://www.derwesten.de/panorama/aldi-frau-steigt-aus-auto-aus-und-waehlt-sofort-den-notruf-id226542237.html
Catalin Cimpanu, ZDNet, 20 Jul 2019 https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/ SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service. Hackers have breached SyTech, a contractor for FSB, Russia's national intelligence service, from where they stole information about internal projects the company was working on behalf of the agency—including one for deanonymizing Tor traffic. [...]
The fakes could undermine Facebook's efforts to inspire confidence and satisfy the regulators now scrutinizing the global currency. https://www.washingtonpost.com/technology/2019/07/22/facebooks-libra-currency-spawns-wave-fakes-including-facebook-itself/
https://investorplace.com/2019/07/facebooks-libra-surrenders-to-authority/
Sudden flood of digital coins spooked market and drove down price of bitcoin by about 12% https://www.wsj.com/articles/tethers-5-billion-error-exposes-crypto-markets-fragility-11563280121
http://pge.libercus.net//.pf/showstory/201907110011/3 Well, yeah. Likely debit was automatic but hassle getting it undone is systemic problem/failure. When AI runs everything it'll all be perfect. Nevermind Hal 9000, Skynet, or Colossus: The Forbin Project.
*The New York Times* The fire warning system at Notre-Dame took dozens of experts six years to put together, and in the end involved thousands of pages of diagrams, maps, spreadsheets and contracts, according to archival documents found in a suburban Paris library by The Times. The result was a system so arcane that when it was called upon to do the one thing that mattered—warn—fire! and say where—it produced instead a nearly indecipherable message. It made a calamity almost inevitable, fire experts consulted by *The Times* said. https://www.nytimes.com/interactive/2019/07/16/world/europe/notre-dame.html Stunning visuals, tragic outcome.
Eileen Brown for Social Business, ZDNet, 15 Jul 2019 https://www.zdnet.com/article/one-in-five-us-tech-employees-abuse-pain-relief-drugs-reveals-study/ There is nothing wrong with bonding over a beer or two after work, but when it becomes too much, it is important to spot the warning signs of substance abuse and addiction, according to a new study.
“It appears that the water entered the car through the fresh air intake of the HVAC system which is mounted on the roof of 7000-series vehicles; In normal or heavy rainfall, any water is diverted through ducts and exits the car through drains. At Virginia Square, the sudden deluge of water falling directly into the fresh air intake was more than the car could divert, resulting in water entering the cabin.'' In response to safety concerns, she noted that wiring is enclosed in secure boxes or run on the underside of the car, and each car “undergoes rigorous `water tightness testing'.'' https://dcist.com/story/19/07/16/heres-the-story-behind-that-photo-of-a-waterfall-inside-a-metro-car/ Done right, it seems. This really was epic/biblical rainstorm.
EXCERPT: In some parallel universe, there's a version of *Casino Royale* with Hugh Jackman playing everyone's favorite suave British agent, James Bond. And one in which Matthew McConaughey took the Leo role in *Titanic*. And DiCaprio and Brad Pitt co-starred in *Brokeback Mountain*. And *Saved by the Bell*'s Tiffani Thiessen played Rachel in *Friends*. The entertainment industry isn't exactly short on `what if?' scenarios in which actors came close to, but were ultimately passed over, playing iconic roles. For more than 99% of movie history, fans have been able to do little more than squirrel away this trivia for use in pop quizzes. That is until the arrival of deepfakes <https://www.digitaltrends.com/cool-tech/samsung-ai-deepfake-videos/>. Springing to life in the past couple of years, deepfakes use artificial intelligence technology to combine and superimpose new images and videos onto existing source footage using machine learning. That could mean anything from face swaps to mapping one person's body onto someone else's movements. <https://www.digitaltrends.com/cool-tech/uc-berkeley-deepfake-ai-dance/> The results can be jaw-droppingly realistic, which is why many people rightfully worry about its potential to be used for malicious hoaxes <https://www.digitaltrends.com/cool-tech/ai-spots-writing-by-ai/>. One tech enthusiast and movie buff thinks different, though. Operating under the YouTube username *Ctrl Shift Face*, <https://www.youtube.com/channel/UCKpH0CKltc73e4wh0_pgL3g> this high-tech Hollywood fan has used deepfake technology to create some astonishing remixes of iconic movie scenes—complete with all new actors. Ever wanted to see *The Shining* starring Jim Carrey instead of Jack Nicholson? Sly Stallone in *Terminator 2: Judgement Day*? Heck, he's even broken with the movie theme by dropping David Bowie into Rick Astley's infamous song-turned-meme *Never Gonna Give You Up*. “The Bowie one is my favorite,'' its creator told Digital Trends.
“I wanted to Rickroll people and blow them away at the same time. Bowie fitted the role of Rick Astley, and had interesting facial features for a deepfake.'' [...] https://www.digitaltrends.com/cool-tech/ctrl-shift-face-deepfake-changing-hollywood-history/
Four Maryland teenagers sneaked onto their school's property the night before graduation last year and covered it in racist, homophobic and anti-Semitic graffiti. They wore masks, but they were caught because their cellphones automatically connected to the school WiFi network—using their student IDs. https://www.bostonglobe.com/news/nation/2019/07/10/helped-identify-teens-who-drew-racist-anti-semitic-graffiti-maryland-school/S0hQ1PwZNyXrzT43olZ2ZO/story.html
A couple in Rhode Island was being investigated for marriage fraud—that they entered into a sham marriage to get permanent resident status for the husband. When the wife was being interviewed, she produced her cellphone to show texts from her husband. A text message arrived: We had the best sex ever. Unfortunately the text was not from the husband. A federal trial is in progress. https://www.bostonglobe.com/metro/2019/07/16/had-best-sexy-ever-steamy-text-helps-spark-marriage-fraud-case/QlRNLVhGzFcfzO1lNXFwLM/story.html
http://www.taipeitimes.com/News/taiwan/archives/2019/07/11/2003718476 "The alert was originally set up to be sent to residents within 300m of the borough, but the unit of distance was later changed to kilometers." Way to go, clodsburg.
>> Still, it's unnerving that tech companies seem to think that social
>> credit ratings are the next big thing for now. Hopefully, this is a
>> trend that will not catch on.
>
> Stack Exchange was first.
> Some might say not the same thing...
> But users quickly learn to dot their i's and cross their t's...

Some might say the same about BBS message boards (1978 CBBS), moderated Usenet netnews groups (UUCP 1979), and discussion lists (Listserv@Bitnic 1984), like this one, which preceded SE (2009) by decades. Who didn't pay attention when dmr@bell-labs.com posted to comp.lang.c? https://en.wikipedia.org/wiki/Usenet#cite_ref-54

"As long as there are folks who think a command line is better than a mouse, the original text-only social network will live on" in "Reports of Usenet's Death Are Greatly Exaggerated", August 1, 2008, TechCrunch. https://en.wikipedia.org/wiki/Usenet#cite_note-54

The major appeal then and now is filtering and limiting the spam, garbage, verbiage, and incivility that permeate other [anti-?]"social networks".
Europe's satellite-navigation system, Galileo, has suffered a major outage. The network has been offline since Friday due to what has been described as a "technical incident related to its ground infrastructure". The problem means all receivers, such as the latest smartphone models, will not be picking up any useable timing or positional information. These devices will be relying instead on the data coming from the American Global Positioning System (GPS). Depending on the sat-nav chip they have installed, cell phones and other devices might also be making connections with the Russian (Glonass) and Chinese (Beidou) networks. https://www.bbc.com/news/science-environment-48985399
"Imagine what it might be like to be in the grip of a conspiracy theory, when you've spent your whole professional life being one of those policy mandarins who could smell a conspiracy theory a mile away?..." The root problem here is lack of trust in authorities. It goes much deeper than just technology. For my whole life, such trust has been eroding among the public. The interesting thing about that story is that the shoe is finally on the other foot, an authority is losing trust. I say good. Maybe they may take steps to become trustworthy themselves.
[TfL is the authority that runs the London Underground]

https://www.dailymail.co.uk/news/article-7223711/Experts-warn-London-commuters-turn-phones-Wi-Fi-Tube-stop-tracked.html

Security experts warn London commuters to turn off their phones' Wi-Fi on the Tube to stop being tracked as TfL starts harvesting signal data today

* Operator will monitor travel patterns with beacon that detects Wi-Fi capability
* Phones, laptops or tablets do not have to join the station's network to be tracked
* Only way to ensure that you are not tracked is to disable your Wi-Fi completely

Sebastian Murphy-bates For Mailonline, 8 July 2019

This morning the Tube network introduced monitoring of signals to harvest data from commuters in the capital. Transport for London says it is collecting details of where, when and how customers use the service. Even phones that are not connected to TfL's Wi-Fi will be vulnerable to tracking.

I went to a talk a year or two ago given by one of the Underground's planning staff on remodeling Bank station in the heart of the City of London business district (so-named because the Bank of England building is just across the street, not because it's on the bank of the River Thames as I had incorrectly assumed when I was a kid). This is a major below-ground station underneath a large road intersection, where multiple lines cross at several levels, so it's quite a labyrinth. For busy, complicated subway/rapid transit systems like London's, obviously train capacity is a major planning challenge, but just as important is handling the volume of passengers through the stations as they use corridors, ticket barriers, elevators, stairs, escalators, etc. between trains or trains and streets. 
Historically, measuring passenger flows was done by groups of stewards located at strategic points around a station; some would hand out numbered cards to passengers as they entered the station or got off trains, while others would collect the cards as passengers left the station or got on trains. This was OK in a basic way, but was labour-intensive and rather intrusive at busy times, and only a small sample of passengers could be covered. Of course nowadays most people carry cellphone or wi-fi wireless devices and the Underground has repeaters to keep them working below ground, so the obvious step is to use these to log passenger movements, as it's totally unobtrusive and allows detailed real-time tracking of almost every passenger. The lady who gave the talk stressed that there's no attempt to make contact with or identify any of the devices, and presumably details of individual devices are not retained after analysing their movements -- pointless anyway unless GCHQ/MI5/FBI/CIA or whoever want to track random people's journeys for the sake of it. She added that the technique was unexpectedly useful as passengers were found to be surprisingly imaginative at figuring out routes around the station, including several ways that the planners hadn't considered themselves. Presumably the warning signs on stations mentioned in the newspaper are to comply with latest data-protection regulations.