Russia Accused of Spreading Coronavirus Disinformation
technology - Posted On:2020-04-05 15:45:00 Source: slashdot
Two associate professors studying foreign trolls online have penned an op-ed in the Washington Post arguing that Russian efforts to stir up antagonisms online "continues to be true with coronavirus disinformation." In our research, we have found multiple networks of fake accounts — one of which we can attribute to Russia — that use conversations about coronavirus as a tool for political attacks. To right-leaning Americans, these trolls criticize the response from liberals, suggest the coronavirus is being used to take away their freedoms, and point the finger of blame at China. To left-wing Americans, they suggest the administration's response is immoral and inadequate and point the finger of blame at Trump. On both sides, these are arguments that real Americans are also making, typically with honest intentions. The attacks play to the trolls' goals, however, and so they repeat them, making the loudest and ugliest versions more mainstream. In doing so, they dangerously widen existing divisions in a time of crisis, making critical compromise more difficult. As before, these networks rely on hashtags from organic American conversations, such as #TrumpLiedPeopleDied and #ReopenAmerica. They aren't creating the divisions, but they are working hard to make them wider.... Many commentators have discussed various ways in which the United States has acted to make the coronavirus crisis worse than it could or should be. The public's own role in spreading global disinformation needs to be added to that list. We have to address our own culpability in the problems that are fomented by disinformation. At a time when most news and information people digest is socially mediated, we need to create citizens and platforms that are more resilient to lies and more accepting of facts. Above all, however, we need to stop doing the trolls' jobs for them. The article also cites "websites peddling conspiracy theories" (including what it calls the "Chinese lab origin theory, among other fearmongering stories related to the virus.") "Among those accounts circulating the stories are pro-Russian and Russian state media-affiliated social media influencers." Read more of this story at Slashdot.
What It's Like To Attend a Conference -- in Person -- in the Age of Covid-19?
it - Posted On:2020-04-05 11:45:05 Source: slashdot
What happens when no one shows up for a tech conference? Fast Company's technology editor harrymcc writes: From Apple to Microsoft to Google, major tech companies have responded to the coronavirus crisis by either canceling their 2020 conference or making them purely virtual. But one well-established event — Vancouver's CanSecWest — went ahead earlier this month, with streaming as an option but not mandatory. Only three attendees showed up in the flesh. But so did security reporter Seth Rosenblatt, who wrote about the eerie experience for Fast Company. They were outnumbed by the six staffers at the event -- "there to run the online component" -- but the article notes that the conference's organizer and founder promised all attendees "infrared body temperature checks, on-site coronavirus testing, ample supplies of disposable face masks and hand sanitizer, and restrictions on physical contact and interaction..." "Empty hallways and escalators echoed with every footstep, and it smelled empty, the ventilation system circulating unused air. At the conference registration desk, I was offered a disposable surgical face mask and gloves." Read more of this story at Slashdot.
Coronavirus: Could Etsy Help Save the World?
technology - Posted On:2020-04-05 03:14:58 Source: slashdot
Long-time Slashdot reader theodp writes: With the CDC now recommending wearing cloth face coverings in public settings, Etsy has called in the cavalry, encouraging additional sellers on its platform to start creating and offering face masks to help meet an already significant demand for fabric face masks. "We believe that the Etsy community is uniquely positioned to address this crucial need during a global health crisis," Etsy CEO Josh Silverman said in a statement. "We hope that increasing the availability of fabric, non-medical grade face masks from Etsy sellers will allow more medical and surgical masks to reach the people who need them most: front-line health care workers." Read more of this story at Slashdot.
U.S. Government: Update Chrome 80 Now, Multiple Security Concerns Confirmed
it - Posted On:2020-04-04 18:44:59 Source: slashdot
Part of America's Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency (CISA) "has advised users to update Google Chrome as new high-rated security vulnerabilities have been found," reports Forbes: In an April 1 posting, CISA confirmed that Google Chrome version 80.0.3987.162 "addresses vulnerabilities that an attacker could exploit to take control of an affected system," be that Windows, Mac or Linux. It went on to state that it "encourages" users and administrators to apply the update. It's not just CISA that is warning about the need to update Google Chrome. The Center for Internet Security (CIS) is a non-profit entity that works to safeguard both private and public organizations against cyber threats. In a multi-state information sharing and analysis center (MS-ISAC) advisory, it has also warned of multiple vulnerabilities in Google Chrome. The most severe of these could allow an attacker to achieve arbitrary code execution within the context of the browser... All it would take for an attacker to exploit the vulnerabilities is to get the user to visit, by way of a phishing attack or even redirection from a compromised site, a maliciously crafted web page. Beside three high-rated vulnerabilities, Forbes reports that "a further five security vulnerabilities were discovered by the Google internal security team using a combination of internal audits and fuzzing." Read more of this story at Slashdot.
How the Telephone Failed Its Big Test During 1918's Spanish Flu Epidemic
technology - Posted On:2020-04-04 14:44:59 Source: slashdot
Fast Company's technology editor harrymcc writes: When the Spanish flu struck in 1918, the U.S. reacted in ways that sound eerily familiar, by closing public places and telling people to stay at home. The one technology that promised to make isolation less isolating was the telephone, which was used for commerce, education, and even news distribution. But the phone itself got caught up in the flu's damaging impact on society, and AT&T ended up running ads asking people not to make calls if at all possible. I wrote about this little-known tale of technology's promise and pitfalls for Fast Company. The article shows some strange glimpses of a very different time. "A New York Telephone ad even warned that operators might inquire about the nature of a call to ensure that it was truly necessary." Read more of this story at Slashdot.
Not Just 'The Death of IT'. Cringely Also Predicts Layoffs For Many IT Contractors
it - Posted On:2020-04-04 11:45:00 Source: slashdot
Last week long-time tech pundit Robert Cringely predicted "the death of IT" in 2020 due to the widespread adoption of SD-WAN and SASE. Now he's predicting "an even bigger bloodbath as IT employees at all levels are let go forever," including IT consultants and contractors. My IT labor death scenario now extends to process experts (generally consultants) being replaced with automation. In a software-defined network, whether that's SD-WAN or SASE, so much of what used to be getting discreet boxes to talk with one another over the network becomes a simple database adjustment. The objective, in case anyone forgets (as IT, itself, often does) is the improvement of the end-user experience, in this case through an automated process. With SD-WAN, for example, there are over 3,000 available Quality of Service metrics. You can say that Office 365 is a critical metric as just one example. Write a script to that effect into the SD-WAN database, deploy it globally with a keyclick and you are done... It's slowly dawning on IBM [and its competitors] that they have to get rid of all those process experts and replace them with a few subject matter experts. Here's the big lesson: with SD-WAN and SASE the process no longer matters, so knowing the process (beyond a few silverbacks kept on just in case the world really does end) isn't good for business. Cringely predicts the downgrading of corporate bonds will also put pressure on IBM and its competitors, perhaps ultimately leading to a sale or spin-off at IBM. "Either they sell the parts that don't make money, which is to say everything except Red Hat and mainframes, or they sell the whole darned thing, which is what I expect to happen." With that he predicts thousands of layoffs or furloughs — and while the bond market puts IBM in a bigger bind, "this could apply in varying degrees to any IBM competitors." Read more of this story at Slashdot.
Y Combinator Company 'Flexport' Is Shipping PPE To Frontline Responders
technology - Posted On:2020-04-04 10:44:57 Source: slashdot
The Y Combinator company Flexport is a San Francisco-based freight-forwarding and customs brokerage company. (Its investors include Google Ventures and Peter Thiel's Founders Fund.) But on March 23rd Flexport announced they were now re-focusing all their resources to get critical supplies to frontline responders combating COVID-19. They've joined a team that announced on Friday announced "we're shipping full cargo planes filled with PPE to protect frontline responders," citing a partnership with Atlas Air and United Airlines. Atlas Air delivered a dedicated charter plane for this mission on Thursday, April 2nd. Originating in Shanghai, the plane contained over 143,000 pounds of PPE for medical systems in California, including approximately: - 4,500,000 medical masks - 116,000 disposable medical protection coveralls - 121,300 surgical gowns For this volume of goods, significant capacity is needed on a plane. However, global travel has plunged because of the outbreak, meaning that passenger planes which used to carry cargo are grounded, and the air market capacity is extremely limited. And hospitals, who in normal situations aren't importing their own goods, can't arrange cargo on a plane on their own... Crews from United Airlines volunteered to help, arriving at SFO [San Francisco International Airport] at 6AM to unload and unpack the plane. The cargo was then put on a truck and delivered directly to hospitals that will distribute the PPE across the state based on need... Up next, we're moving cargo to New York and will share updates next week. Please continue to help us spread the word to support the response efforts. They're raising money on GoFundMe, and this "Frontline Responders Fund" has so far raised over $6 million from 15,800 donors. Their page notes that on Thursday former California governor Arnold Schwarzenegger "personally helped us deliver a trucking shipment from MedShare with 49,000 donated masks to a hospital in Los Angeles, California." Their page also notes donations have funded the trucking of goods across America from nonprofits, including: All Hands and All Hearts Smart Response, who delivered over 43,000 units of gloves, gowns, face masks, goggles, and hand sanitizer to emergency rooms and hospitals in New York City and Southern California. Donate PPE, who delivered over 3,750 N95 respirator masks to hospitals in Brooklyn, NY yesterday One of their supporters is actor Clark Gregg, who plays agent Coulson in five Marvel movies and the TV series Agents of S.H.I.E.L.D. He records personalized video greetings for fans through a web site called Cameo, and through Wednesday he donated 100% of the money earned to the Frontline Responders Fund. Read more of this story at Slashdot.
A Hacker Found a Way To Take Over Any Apple Webcam
it - Posted On:2020-04-04 09:14:56 Source: slashdot
An anonymous reader quotes a report from Wired: Apple has a well-earned reputation for security, but in recent years its Safari browser has had its share of missteps. This week, a security researcher publicly shared new findings about vulnerabilities that would have allowed an attacker to exploit three Safari bugs in succession and take over a target's webcam and microphone on iOS and macOS devices. Apple patched the vulnerabilities in January and March updates. But before the fixes, all a victim would have needed to do is click one malicious link and an attacker would have been able to spy on them remotely. The bugs Pickren found all stem from seemingly minor oversights. For example, he discovered that Safari's list of the permissions a user has granted to websites treated all sorts of URL variations as being part of the same site, like https://www.example.com, http://example.com and fake://example.com. By "wiggling around," as Pickren puts it, he was able to generate specially crafted URLs that could work with scripts embedded in a malicious site to launch the bait-and-switch that would trick Safari. A hacker who tricked a victim into clicking their malicious link would be able to quietly launch the target's webcam and microphone to capture video, take photos, or record audio. And the attack would work on iPhones, iPads, and Macs alike. None of the flaws are in Apple's microphone and webcam protections themselves, or even in Safari's defenses that keep malicious sites from accessing the sensors. Instead, the attack surmounts all of these barriers just by generating a convincing disguise. Read more of this story at Slashdot.
Zoom's Encryption Is 'Not Suited for Secrets' and Has Surprising Links To China, Researchers Discover
technology - Posted On:2020-04-03 12:45:00 Source: slashdot
Meetings on Zoom, the increasingly popular video conferencing service, are encrypted using an algorithm with serious, well-known weaknesses, and sometimes using keys issued by servers in China, even when meeting participants are all in North America, according to researchers at the University of Toronto. From a report: The researchers also found that Zoom protects video and audio content using a home-grown encryption scheme, that there is a vulnerability in Zoom's "waiting room" feature, and that Zoom appears to have at least 700 employees in China spread across three subsidiaries. They conclude, in a report for the university's Citizen Lab -- widely followed in information security circles -- that Zoom's service is "not suited for secrets" and that it may be legally obligated to disclose encryption keys to Chinese authorities and "responsive to pressure" from them. Read more of this story at Slashdot.
A Hacker Has Wiped, Defaced More Than 15,000 Elasticsearch Servers
technology - Posted On:2020-04-03 12:15:00 Source: slashdot
For the past two weeks, a hacker has been breaking into Elasticsearch servers that have been left open on the internet without a password and attempting to wipe their content, while also leaving the name of a cyber-security firm behind, trying to divert blame. From a report: According to security researcher John Wethington, one of the people who saw this campaign unfolding and who aided ZDNet in this report, the first intrusions began around March 24. The attacks appear to be carried with the help of an automated script that scans the internet for ElasticSearch systems left unprotected, connects to the databases, attempts to wipe their content, and then creates a new empty index called nightlionsecurity.com. The attacking script doesn't appear to work in all instances, though, as the nightlionsecurity.com index is also present in databases where the content has been left intact. Read more of this story at Slashdot.
Facebook Wanted NSO Spyware To Monitor Users, NSO CEO Claims
technology - Posted On:2020-04-03 11:30:01 Source: slashdot
Facebook representatives approached controversial surveillance vendor NSO Group to try and buy a tool that could help Facebook better monitor a subset of its users, according to an extraordinary court filing from NSO in an ongoing lawsuit. From a report: Facebook is currently suing NSO for how the hacking firm leveraged a vulnerability in WhatsApp to help governments hack users. NSO sells a product called Pegasus, which allows operators to remotely infect cell phones and lift data from them. According to a declaration from NSO CEO Shalev Hulio, two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus. At the time, Facebook was in the early stages of deploying a VPN product called Onavo Protect, which, unbeknownst to some users, analyzed the web traffic of users who downloaded it to see what other apps they were using. According to the court documents, it seems the Facebook representatives were not interested in buying parts of Pegasus as a hacking tool to remotely break into phones, but more as a way to more effectively monitor phones of users who had already installed Onavo. Read more of this story at Slashdot.
Google Is Publishing Location Data From 131 Countries To Show How Coronavirus Lockdowns Are Working
technology - Posted On:2020-04-03 10:44:57 Source: slashdot
Google is using the location data it collects from billions of smartphones to show how people's movements have changed as governments around the world lock down cities and issue shelter in place orders to slow down the spread of the coronavirus. From a report: Reports generated using this data, which is normally used to show how busy a certain location is on Google Maps, and which Google says does not identify individual people, are freely available on a brand new website called COVID-19 Community Mobility Reports. "We have heard from public health officials that this same type of aggregated, anonymized data could be helpful as they make critical decisions to combat COVID-19," wrote Google senior vice president Jen Fitzpatrick and Karen DeSalvo, chief health officer for Google Health, in a blog post published Friday. The data is currently available for 131 countries, and in many locations including the US, you can also access data for individual counties. Read more of this story at Slashdot.
Scientists Develop AI That Can Turn Brain Activity Into Text
technology - Posted On:2020-04-03 09:14:57 Source: slashdot
An anonymous reader quotes a report from The Guardian: Writing in the journal Nature Neuroscience, [researchers from the University of California, San Francisco] reveal how they developed their system by recruiting four participants who had electrode arrays implanted in their brain to monitor epileptic seizures. These participants were asked to read aloud from 50 set sentences multiple times, including "Tina Turner is a pop singer," and "Those thieves stole 30 jewels." The team tracked their neural activity while they were speaking. This data was then fed into a machine-learning algorithm, a type of artificial intelligence system that converted the brain activity data for each spoken sentence into a string of numbers. To make sure the numbers related only to aspects of speech, the system compared sounds predicted from small chunks of the brain activity data with actual recorded audio. The string of numbers was then fed into a second part of the system which converted it into a sequence of words. At first the system spat out nonsense sentences. But as the system compared each sequence of words with the sentences that were actually read aloud it improved, learning how the string of numbers related to words, and which words tend to follow each other. The team then tested the system, generating written text just from brain activity during speech. The system was not perfect, but for one participant just 3% of each sentence on average needed correcting -- "higher than the word error rate of 5% for professional human transcribers," the report says. "But, the team stress, unlike the latter, the algorithm only handles a small number of sentences." "The team also found that training the algorithm on one participant's data meant less training data was needed from the final user -- something that could make training less onerous for patients." Read more of this story at Slashdot.
New York Finally Legalizes Electric Bikes and Scooters
technology - Posted On:2020-04-02 20:59:59 Source: slashdot
Included in New York's tentative budget agreement reached on April 1st is a provision that would legalize throttle-based bikes and scooters. The Verge reports: The budget language almost exactly mirrors a bill that passed the New York State Legislature last year but was inexplicably vetoed at the last minute by Gov. Andrew Cuomo. It changes state law to legalize e-bikes and scooters but would give localities the ability to decide for themselves how to regulate the vehicles. Throttle-based e-bikes favored by delivery workers would be legal, and dockless scooter services like Bird and Lime would need to be permitted by municipalities before launching. Scooters would stay illegal in Manhattan, though the city could eventually overrule that provision. The budget language would create three classes of e-bikes: Class 1 is pedal-assisted with no throttle; Class 2 is throttle-assisted with a maximum speed of 20 mph; and Class 3 is throttle-powered with a maximum speed of 25 mph. E-scooters would be capped at 15 mph, and riders under 18 years of age would be required to wear a helmet. Helmets would also be required for riders of Class 3 e-bikes. (Food delivery workers, who favor these bikes, are already required by law to wear helmets.) But the budget is undoubtedly a huge win for delivery workers and immigrant rights groups that have been fighting for nearly a decade to overturn the rules. Read more of this story at Slashdot.
Boeing 787s Must Be Turned Off and On Every 51 Days To Prevent 'Misleading Data' Being Shown To Pilots
technology - Posted On:2020-04-02 18:14:59 Source: slashdot
The U.S. Federal Aviation Administration has ordered Boeing 787 operators to switch their aircraft off and on every 51 days to prevent what it called "several potentially catastrophic failure scenarios" -- including the crashing of onboard network switches. The Register reports: The airworthiness directive, due to be enforced from later this month, orders airlines to power-cycle their B787s before the aircraft reaches the specified days of continuous power-on operation. The power cycling is needed to prevent stale data from populating the aircraft's systems, a problem that has occurred on different 787 systems in the past. According to the directive itself, if the aircraft is powered on for more than 51 days this can lead to "display of misleading data" to the pilots, with that data including airspeed, attitude, altitude and engine operating indications. On top of all that, the stall warning horn and overspeed horn also stop working. This alarming-sounding situation comes about because, for reasons the directive did not go into, the 787's common core system (CCS) -- a Wind River VxWorks realtime OS product, at heart -- stops filtering out stale data from key flight control displays. That stale data-monitoring function going down in turn "could lead to undetected or unannunciated loss of common data network (CDN) message age validation, combined with a CDN switch failure." Solving the problem is simple: power the aircraft down completely before reaching 51 days. It is usual for commercial airliners to spend weeks or more continuously powered on as crews change at airports, or ground power is plugged in overnight while cleaners and maintainers do their thing. Read more of this story at Slashdot.
Moscow To Launch Mandatory Surveillance App To Track Residents In Coronavirus Lockdown
technology - Posted On:2020-04-02 17:00:00 Source: slashdot
An anonymous reader quotes a report from NPR: City authorities in Moscow are rolling out new digital "social monitoring" tools targeting the public, after what officials say were constant violations of the city's quarantine imposed this week to fight the spread of the new coronavirus. Under restrictions in place since Monday, most of the city's 12 million residents must remain indoors, barring a few exceptions -- like trips to the supermarket or pharmacy, taking out the trash or briefly walking the dog. But starting Thursday, Muscovites will have their movements tracked through a mandatory app required on their smartphones. Don't have one? The city says it will lend out devices. In addition, Moscow residents will be obligated to register for a government-issued QR code -- a small square matrix bar code containing personal data. What information the codes will hold isn't yet clear. But Russians must present it on their smartphones or carry a printout of their QR profiles to present to police, when requested. (City officials say they're also preparing to educate the public -- and elder Russians, in particular -- on what a QR code actually is.) The new tools will merge with existing street cameras and face recognition software to quickly identify residents who stray from their homes and/or quarantines, say authorities. President Putin also signed a bill into law on Wednesday that introduces criminal penalties for skipping quarantine and infecting others. They include fines and up to seven years in prison. Read more of this story at Slashdot.
Thank God for the Internet
technology - Posted On:2020-04-02 14:15:00 Source: slashdot
Everything is so dark, but the internet -- for all its bad and broken parts -- is helping to keep us together in a way that has never happened before, writes Joshua Topolsky in an essay on Input Mag. Two excerpts from the essay: What the hell would we do right now without the internet? How would so many of us work, stay connected, stay informed, stay entertained? For all of its failings and flops, all of its breeches and blunders, the internet has become the digital town square that we always believed it could and should be. At a time when politicians and many corporations have exhibited the worst instincts, we're seeing some of the best of what humanity has to offer -- and we're seeing it because the internet exists. I was 12 the first time I logged onto whatever was called the internet then. There were no websites to speak of, not really. No ecommerce, no banner ads, no data tracking, no spyware. iPhones hadn't been invented yet; we called apps "programs"; and I had an EGA monitor on my PC (a whole 16 colors of range). But the first time I telnetted into a chatroom about raves, made new friends in Australia, or downloaded files to load into a music tracker, I felt the same elation that I feel now. This force, propelled by people, connected by copper and light, letting us make new connections. Connections we need now more than ever. We're here together, for how long we don't know. But we're not alone. Not anymore. Read more of this story at Slashdot.
Akamai, Amazon, Netflix, Microsoft, and Google Join Internet Routing Security Effort
technology - Posted On:2020-04-02 13:00:00 Source: slashdot
A community effort to improve the internet's routing security has won the backing of some of the web's biggest names. From a report: Amazon, Google, Facebook, Microsoft, Akamai, and Netflix, among others, have signed up to the Mutually Agreed Norms for Routing Security (MANRS) group, in their roles as content delivery networks (CDNs) and cloud providers (CPs). MANRS's goal is to shore up the internet's lax security when it comes to routing people's connections around Earth. It is, essentially, depending on the circumstances, too easy for miscreants to hijack and redirect internet traffic from legit servers to malicious machines so that web browsing and other online activities can be snooped on or meddled with. This widespread issue is something that has become increasingly important in the past few years as the number and size of connectivity breakdowns and attacks on the global system have grown. Criminals and possibly government spies have realized the potential that exists in snatching people's internet traffic for surveillance, disruption, and theft. The MANRS group pushes four main approaches, two technical and two cultural: filtering, anti-spoofing, and then coordination and validation. Read more of this story at Slashdot.
A Feature on Zoom Secretly Displayed Data From People's LinkedIn Profiles
it - Posted On:2020-04-02 11:15:00 Source: slashdot
After an inquiry from The New York Times reporters, Zoom said it would disable a data-mining feature that could be used to snoop on participants during meetings without their knowledge. From a report: For Americans sheltering at home during the coronavirus pandemic, the Zoom videoconferencing platform has become a lifeline, enabling millions of people to easily keep in touch with family members, friends, students, teachers and work colleagues. But what many people may not know is that, until Thursday, a data-mining feature on Zoom allowed some participants to surreptitiously access LinkedIn profile data about other users -- without Zoom asking for their permission during the meeting or even notifying them that someone else was snooping on them. The undisclosed data mining adds to growing concerns about Zoom's business practices at a moment when public schools, health providers, employers, fitness trainers, prime ministers and queer dance parties are embracing the platform. An analysis by The New York Times found that when people signed in to a meeting, Zoom's software automatically sent their names and email addresses to a company system it used to match them with their LinkedIn profiles. Read more of this story at Slashdot.
California Governor Says 'We Need More Googles' As Company Offers Free Wi-Fi and Chromebooks To Students
technology - Posted On:2020-04-01 23:44:58 Source: slashdot
An anonymous reader quotes a report from CNBC: Google will offer 100,000 free Wi-Fi hotspots and will donate 4,000 Chromebooks to students across the state of California, governor Gavin Newsom said during a news conference Wednesday. The internet access points are supposed to help improve broadband internet in rural households across the state where internet access is either limited or very slow. Students will get access to the free Wi-Fi for a minimum of three months.There are still many parts of the state that do not have access to high-speed internet, however. "This was a substantial enhancement that came just at the right time," Newsom said. "We need more Googles," he added. The latest move comes as Newsom announced that California schools will remain closed for the remainder of the school year with many classes switching to online learning. Read more of this story at Slashdot.