Electronic Frontier Foundation

EFF: Thousands of People Have Secure Messaging Clients Infected By Spyware (eff.org) 35

An anonymous reader quotes the EFF: The Electronic Frontier Foundation (EFF) and mobile security company Lookout have uncovered a new malware espionage campaign infecting thousands of people in more than 20 countries. Hundreds of gigabytes of data has been stolen, primarily through mobile devices compromised by fake secure messaging clients. The trojanized apps, including Signal and WhatsApp, function like the legitimate apps and send and receive messages normally. However, the fake apps also allow the attackers to take photos, retrieve location information, capture audio, and more.

The threat, called Dark Caracal by EFF and Lookout researchers, may be a nation-state actor and appears to employ shared infrastructure which has been linked to other nation-state actors. In a new report, EFF and Lookout trace Dark Caracal to a building belonging to the Lebanese General Security Directorate in Beirut. "People in the U.S., Canada, Germany, Lebanon, and France have been hit by Dark Caracal. Targets include military personnel, activists, journalists, and lawyers, and the types of stolen data range from call records and audio recordings to documents and photos," said EFF Director of Cybersecurity Eva Galperin. "This is a very large, global campaign, focused on mobile devices. Mobile is the future of spying, because phones are full of so much data about a person's day-to-day life."

Dark Caracal apparently gets installed through carefully-targeted spearphishing attacks, according to the EFF. "Several types of phishing emails directed people -- including military personnel, activists, journalists, and lawyers -- to go to a fake app store-like page, where fake Android apps waited. There is even evidence that, in some cases, Dark Caracal used physical access to people's phones to install the fake apps."
Technology

The Astronomer Who Is Building the Largest Map of Space by Volume (vice.com) 26

An anonymous reader shares a Motherboard report: Astronomer Mark Halpern doesn't come into work every day thinking about the fact that he is leading a team that is creating the biggest map of the universe by volume ever made. But that ambition drives his research. A professor at the University of British Columbia, Halpern is also the principal investigator of the Canadian Hydrogen Intensity Mapping Experiment, or CHIME for short, based at the Dominion Radio Astrophysical Observatory in Penticton, BC. The experiment is a collaboration between UBC, the University of Toronto, McGill, and the National Research Council of Canada. Its centerpiece is a massive halfpipe-shaped telescope that collects radio signals to detect hydrogen intensity, which is a measure of how much hydrogen is clustered in the universe, and if it has moved or spread out. The researchers can then analyse the spread of hydrogen in the universe to determine how much -- and how quickly -- the universe is expanding. "If I make a sound somewhere, it travels away from that sound in a spherical shell," Halpern said. "So we're going to map these big spherical shells as a function of distance from us, and by comparing their present speed to how big they look, that comparison tells us the expansion history of the universe."


The Almighty Buck

Canadian Charged With Running LeakedSource.com, Selling Stolen Info (reuters.com) 27

A Canadian man accused of operating the LeakedSource.com website, a major repository of stolen online credentials, has been arrested and charged with trafficking in billions of stolen personal identity records, the Royal Canadian Mounted Police (RCMP) said on Monday. From a report: The site, which was shut down in early 2017, had collected details from a string of major breaches and made them accessible and searchable for a fee. The man, 27-year-old Jordan Evan Bloom, is due to appear in a Toronto court on Monday to hear charges that as administrator of the site he collected some C$247,000 from the sale of stolen records and associated passwords.
Businesses

Following Other Credit Cards, Visa Will Also Stop Requiring Signatures (siliconbeat.com) 171

An anonymous reader quotes SiliconBeat: Visa, the largest U.S. credit card issuer, became the last of the major credit card companies to announce its plan to make signatures optional... Visa joined American Express, Discover, and Mastercard in the phase-out. Mastercard was the first one to announce the move in October, and American Express and Discover followed suit in December... However, this change does not apply to every credit card in circulation; older credit cards without EMV chips will still require signatures for authentication... Since 2011, Visa has deployed more than 460 million EMV chip cards and EMV chip-enabled readers at more than 2.5 million locations.
"Businesses that accepted EMV cards reported a 66 percent decline in fraud in the first two years of EMV deployment," the article notes -- suggesting a future where fewer shoppers are signing their receipts.

"In Canada, Australia and most of Europe, credit cards have long abandoned the signature for the EMV chip and a PIN to authenticate the transaction, like one does with a debit card."
Crime

Kansas 'Swat' Perpetrator Charged; Faces 11 More Years in Prison (latimes.com) 427

Jail time looms for 25-year-old Tyler Barriss, whose fake call to Kansas police led to a fatal shooting:
  • Barriss was charged with involuntary manslaughter, and if convicted "could face up to 11 years and three months in prison." He was also charged with making a false alarm, which is considered a felony. The District Attorney adds that others have also been identified as "potential suspects" in the case, but they're still deciding whether to charge them.
  • Friday Barriss gave his first interview to a local news outlet -- from jail. "Of course, you know, I feel a little of remorse for what happened," he tells KWCH. "I never intended for anyone to get shot and killed. I don't think during any attempted swatting anyone's intentions are for someone to get shot and killed..."

    Asked about the call, Barriss acknowledged that "It hasn't just affected my life, it's affected someone's family too. Someone lost their life. I understand the magnitude of what happened. It's not just affecting me because I'm sitting in jail. I know who it has affected. I understand all of that."
  • Barriss has also been charged in Calgary with public mischief, fraud and mischief for another false phone call, police said, though it's unlikely he'll ever be arrested unless he enters the country. Just six days before the fatal shooting, Barriss had made a nearly identical call to police officers in Canada, this time supplying the address of a well-known video gamer who livestreams on Twitch, and according to one eyewitness more than 20 police cars surrounded her apartment building for at least half an hour.

AI

French Songwriter Kiesza Composes First Mainstream Music Album Co-Written With AI (bbc.com) 51

dryriver shares a report from the BBC, highlighting "a new album that features everything from cowboy sci-fi to Europop." What's special about the album -- Hello World by Canadian singer Kiesza -- is that it's the first full-length mainstream music album co-written with the help of artificial intelligence. You can judge the quality for yourself: First, view the single "Hello Shadow" with Canadian singer Kiesza. Next, the BBC story, which seems to think that the album is actually rather good: "Benoit Carre has written songs for some of France's biggest stars: from Johnny Halliday -- the French Elvis, who died last year -- to chanteuse Francoise Hardy. But this month, the 47-year-old is releasing an album with a collaborator he could never have dreamt of working with. It's not a singer, or rapper. It's not even really a musician. It's called Flow Machines, and it is, arguably, the world's most advanced artificially-intelligent music program. For musicians, there's been one good thing about these projects so far: the music they've produced has been easy to dismiss, generic and uninspiring -- hardly likely to challenge Bob Dylan in the songwriting department. But Carre's album, Hello World, is different for the simple reason that it's good. Released under the name SKYGGE (Danish for shadow), it features everything from sci-fi cowboy ballads to Europop, and unlike most AI music, if you heard it on the radio, you wouldn't think something had gone horribly wrong. Flow Machines, developed at Sony's Computer Science Laboratories in Paris, does indeed write original melodies, Carre adds. It also suggests the chords and sounds to play them with. But Carre says a human is always needed to stitch the songs together, give them structure and emotion. Without people, its songs would be a bit rubbish. 'There were many people involved in this,' he says, listing the likes of Belgian house producer Stromae and Canadian pop star Kiesza. 'They gave their soul, their enthusiasm. I think that's the most important point of the album, in a way -- that it's a very human one.'"
Social Networks

Snapchat's Big Redesign Bashed In 83 Percent of User Reviews (techcrunch.com) 113

The new Snapchat redesign that jams Stories in between private messages is not receiving a whole lot of praise. "In the few countries including the U.K., Australia, and Canada where the redesign is widely available, 83 percent of App Store reviews (1,941) for the update are negative with one or two stars, according to data by mobile analytics firm Sensor Tower," reports TechCrunch. "Just 17 percent, or 391 of the reviews, give it three to five stars." From the report: The most referenced keywords in the negative reviews include "new update," "Stories," and "please fix." Meanwhile, Snapchat's Support Twitter account has been busy replying to people who hate the update and are asking to uninstall it, noting "It's not possible to revert to a previous version of Snapchat," and trying to explain where Stories are to confused users. Hopes were that the redesign could boost Snapchat's soggy revenue, which fell short of Wall Street earnings expectations in Q3 and led to a loss of $443 million. The redesign mixes Stories, where Snapchat shows ads but which have seen stagnation in sharing rates amidst competition from Instagram Stories, into the more popular messaging inbox, where Snapchat's ephemeral messaging is more differentiated and entrenched.
Cellphones

Future Samsung Phones Will Have a Working FM Radio Chip (androidpolice.com) 215

A few months ago, LG announced a partnership with NextRadio to unlock the FM chip in its smartphones. Now, Samsung is doing the same. Android Police reports: NextRadio made the announcement, rightly explaining that FM radio is essential in areas with low connectivity and in emergency and disaster situations where a connection might be difficult to obtain or maintain and where access to information could be a matter of life and death. With the chip unlocked, users will be able to listen to local radio on their phone using the NextRadio Android app. The press release mentions that "upcoming [Samsung] smartphone models in the U.S. and Canada" will have the FM chip unlocked, however I did find several existing Samsung devices with their FM chip enabled on NextRadio's site.
United States

2018 Is the Last Year of America's Public Domain Drought (vice.com) 275

An anonymous reader shares a report: Happy Public Domain Day, every-some of you! In New Zealand and Canada, published works by artists who died in 1967 -- Rene Magritte, Dorothy Parker, John Coltrane, and many others -- have entered the public domain; Kiwis and Canadians can now freely distribute, perform, and remix a wealth of painting, writing, and music. In Europe, work published by artists who died in 1947 are now public domain. In the United States, well, we get nothing for the 20th year in a row, with one more to go. Our public domain drought is nearly old enough to drink. American copyrights now stretch for 95 years. Since 1998, we've been frozen with a public domain that only applies to works from before 1923 (and government works). Jennifer Jenkins is a clinical professor of law at Duke Law School, which hosts the Center for the Study of the Public Domain. In an email she explained what changed and why nothing has entered American public domain for two decades. "Until 1978, the maximum copyright term was 56 years from the date of publication -- an initial term of 28 years, renewable for another 28 years," she wrote. "In 1998, Congress added 20 years to the copyright term, extending it to the author's lifetime plus 70 years, or 95 years after publication for corporate 'works made for hire.'"
Movies

Movie Ticket Sales Hit A 22-Year Low in 2017 (msn.com) 162

An anonymous reader quotes the Los Angeles Times: Hollywood is celebrating the end of 2017 with astronomical sales from "Star Wars: The Last Jedi," which is on track to soon exceed $1 billion in global ticket sales and eventually become the biggest movie of the year. But that won't be enough to write a happy storyline for the industry. Although movie ticket sales in the U.S. and Canada are expected to dip just below last year's record of $11.38 billion, the number of tickets sold is projected to drop 4% to 1.26 billion -- the lowest level since 1995, according to preliminary estimates from studio executives.

The falloff in ticket sales can mostly be explained by a handful of movies that flopped, especially during the dreary summer season that posted the worst results in more than two decades. Even such massive hits as "Wonder Woman," "Thor: Ragnarok" and "It" couldn't make up for a lackluster summer lineup populated by rickety franchises ("Alien: Covenant") and poorly reviewed retreads ("The Mummy"). However, the long-term decline in attendance reflects systemic challenges facing the industry. Audiences are spending less time going to the movies and are consuming more entertainment on small screens and through streaming services such as Netflix and Amazon that are spending billions on original video content. At the same time, while higher ticket prices have helped to offset attendance declines, they have made consumers pickier about what movies they're willing to go see. And those increasingly discerning consumers turn to social media and Rotten Tomatoes to decide what's worth their time and money.

Programming

Russia Lost a $45 Million Satellite Because 'They Didn't Get the Coordinates Right' (gizmodo.com) 101

Last month, Russia lost contact with a 6,062-pound, $45 million satellite. Turns out, that happened because the Meteor-M weather satellite was programmed with the wrong coordinates. Gizmodo reports: On Wednesday, Russian Deputy Prime Minister Dmitry Rogozin told the Rossiya 24 state TV channel that a human error was responsible for the screw-up, according to Reuters. While the Meteor-M launched last month from the Vostochny cosmodrome in the Far East, it was reportedly programmed with take-off coordinates for the Baikonur cosmodrome, which is located in southern Kazakhstan. "The rocket was really programmed as if it was taking off from Baikonur," Rogozin said. "They didn't get the coordinates right." And the rocket had some precious cargo on board: "18 smaller satellites belonging to scientific, research and commercial companies from Russia, Norway, Sweden, the U.S., Japan, Canada and Germany," Reuters reported.
Social Networks

Obama Warns Against Irresponsible Social Media Use (bbc.com) 360

In his first interview since leaving the White House in January, former President Barack Obama spoke about the dangers of irresponsible use of social media. From a report on BBC: He warned that such actions were distorting people's understanding of complex issues, and spreading misinformation. "All of us in leadership have to find ways in which we can recreate a common space on the internet," he said. The former president expressed concern about a future where facts are discarded and people only read and listen to things that reinforce their own views. "One of the dangers of the internet is that people can have entirely different realities. They can be cocooned in information that reinforces their current biases. The question has to do with how do we harness this technology in a way that allows a multiplicity of voices, allows a diversity of views, but doesn't lead to a Balkanisation of society and allows ways of finding common ground," he said.
Businesses

Movie Theaters Were Already in Trouble. With Disney's Fox Deal, It's Double (bloomberg.com) 193

Disney's acquisition of Fox's film studio will unite some of the most lucrative movie franchises, from Disney's Star Wars and Marvel series to Fox's X-Men and Avatar. With control of more blockbusters, not only does Disney gain more leverage over theater chains such as AMC and Carmike Cinemas, it also wins more films it could distribute exclusively on its upcoming online service -- cutting out cinema operators entirely. From a report: "Disney is becoming the Wal-Mart of Hollywood: huge and dominant," says Barton Crockett, a media analyst at B. Riley FBR. "That's going to have a big influence up and down the supply chain." Together, Disney and Fox accounted for 40 percent of ticket sales in 2016 in the U.S. and Canada, a level of market concentration that could draw scrutiny from Washington. If the deal goes through, theater owners could get squeezed. Usually a film's box-office revenue is split evenly between exhibitors and the studio. But Disney previously has gotten theaters to hand over a larger share -- sometimes more than 60 percent -- on its biggest, most popular films, such as the Star Wars series. Now it could try the same tactic with Fox's Avatar, which has four sequels in the works. "While the future of movie exhibition looks increasingly dim, a Disney-Fox merger will elevate its level of pain," says Rich Greenfield, an analyst at BTIG LLC. Cinema chains have already suffered this year from a string of box-office bombs, including Warner Bros' King Arthur: Legend of the Sword, and online video services such as Netflix are keeping more moviegoers at home.
Social Networks

The Lower Your Social Class, the 'Wiser' You Are, Suggests New Study (sciencemag.org) 311

Wisdom -- the ability to take the perspectives of others into account and aim for compromise -- comes much more naturally to those who grow up poor or working class, according to a new study by social psychologist Igor Grossmann at the University of Waterloo in Canada and his colleagues. Science Magazine reports: To conduct the study, Grossmann and his graduate student Justin Brienza embarked on a two-part experiment. First, they asked 2145 people throughout the United States to take an online survey. Participants were asked to remember a recent conflict they had with someone, such as an argument with a spouse or a fight with a friend. They then answered 20 questions applicable to that or any conflict, including: "Did you ever consider a third-party perspective?" "How much did you try to understand the other person's viewpoint?" and "Did you consider that you might be wrong?" Grossmann and Brienza crunched the data and assigned the participants both a "wise reasoning" score based on the conflict answers and a "social class" score, then plotted the two scores against one another. They found that people with the lowest social class scores -- those with less income, less education, and more worries about money -- scored about twice as high on the wise reasoning scale as those in the highest social class. The income and education levels ranged from working class to upper middle class; neither the very wealthy nor the very poor were well represented in the study.

In the second part of the experiment, the duo recruited 200 people in and around Ann Arbor, Michigan, to take a standard IQ test and read three letters to the Dear Abby advice column. One letter, for example, asked about choosing sides in an argument between mutual friends. Each participant then discussed with an interviewer how they thought the situations outlined in the letters would play out. A panel of judges scored their responses according to various measures of wise reasoning. In the example above, thinking about how an outsider might view the conflict would earn points toward wisdom, whereas relying only on one's own perspective would not. As with the first part of the experiment, those in lower social classes consistently had higher wise-reasoning scores than those in higher social classes, the researchers reported today in the Proceedings of the Royal Society B. IQ scores, however, weren't associated one way or another with wise reasoning.

Medicine

A Federal Ban On Making Lethal Viruses Is Lifted (nytimes.com) 156

schwit1 shares a report from The New York Times (Warning: source may be paywalled; alternative source): Federal officials on Tuesday ended a moratorium imposed three years ago on funding research that alters germs to make them more lethal. Such work can now proceed, said Dr. Francis S. Collins, the head of the National Institutes of Health, but only if a scientific panel decides that the benefits justify the risks. Some scientists are eager to pursue these studies because they may show, for example, how a bird flu could mutate to more easily infect humans, or could yield clues to making a better vaccine.

Critics say these researchers risk creating a monster germ that could escape the lab and seed a pandemic. Now, a government panel will require that researchers show that their studies in this area are scientifically sound and that they will be done in a high-security lab. The pathogen to be modified must pose a serious health threat, and the work must produce knowledge -- such as a vaccine -- that would benefit humans. Finally, there must be no safer way to do the research. "We see this as a rigorous policy," Dr. Collins said. "We want to be sure we're doing this right."
"Now where are those twelve monkeys?" adds schwit1.
Science

The Science That's Never Been Cited (nature.com) 91

An anonymous reader quotes a report from Nature: One widely repeated estimate, reported in a controversial article in Science in 1990, suggests that more than half of all academic articles remain uncited five years after their publication. Scientists genuinely fret about this issue, says Jevin West, an information scientist at the University of Washington in Seattle who studies large-scale patterns in research literature. After all, citations are widely recognized as a standard measure of academic influence: a marker that work not only has been read, but also has proved useful to later studies. Researchers worry that high rates of uncitedness point to a heap of useless or irrelevant research. In reality, uncited research isn't always useless. What's more, there isn't really that much of it, says Vincent Lariviere, an information scientist at the University of Montreal in Canada.

To get a better handle on this dark and forgotten corner of published research, Nature dug into the figures to find out how many papers actually do go uncited (explore the full data set and methods). It is impossible to know for sure, because citation databases are incomplete. But it's clear that, at least for the core group of 12,000 or so journals in the Web of Science -- a large database owned by Clarivate Analytics in Philadelphia, Pennsylvania -- zero-citation papers are much less prevalent than is widely believed. Web of Science records suggest that fewer than 10% of scientific articles are likely to remain uncited. But the true figure is probably even lower, because large numbers of papers that the database records as uncited have actually been cited somewhere by someone.
"The new figures [...] suggest that in most disciplines, the proportion of papers attracting zero citations levels off between five and ten years after publication, although the proportion is different in each discipline," the report adds. "Of all biomedical-sciences papers published in 2006, just 4% are uncited today; in chemistry, that number is 8% and in physics, it is closer to 11%. In engineering and technology, the uncitedness rate of the 2006 cohort of Web of Science-indexed papers is 24%, much higher than in the natural sciences."
Canada

Canadian Cellphone Bills Are Some of the Highest In the World, Says Report (straight.com) 184

Freshly Exhumed shares a report from Straight: A report released this week by the Ministry of Innovation, Science, and Economic Development (ISED) confirms that Canada ranks among the top three most costly countries for mobile wireless plans. Comparing the U.K., Italy, France, Australia, Japan, and the U.S. on six tiers of pricing -- which looked at talk-time, texts, and data -- the document shows that Canada has the most expensive mid-range and higher-tier plans in the world. "It is unacceptable that Canadians continue to pay ever-rising prices year after year for something as critical as mobile communications services," said Katy Anderson, Digital Rights Advocate at OpenMedia.
Medicine

Contact Lens Startup Hubble Sold Lenses With a Fake Prescription From a Made-up Doctor (qz.com) 325

Alison Griswold, reporting for Quartz: The Hubble contacts sitting in front of me are everything the ads promised: two weeks' worth of soft, daily lenses in robin's-egg-blue packaging. They arrived promptly, one week after I placed an order on Hubble's website, and three days after the company notified me the contacts had shipped. The lenses were packed in cream-colored boxes and came with a five-step guide, illustrated in different shades of pastel. There's only one problem: I don't wear contacts, and I ordered these using a fake prescription from a made-up doctor. Hubble was founded in May 2016 as a direct-to-consumer contact lens brand -- the Warby Parker of contacts, if you will. The company aims to make buying contact lenses as cheap and easy as shopping on Amazon. It has fast become a star of New York's startup scene, raising more than $30 million from investors that include Founders Fund and Greycroft Partners. Its valuation tops $200 million. Since the service officially launched in November 2016, Hubble claims to have sold $20 million worth of lens subscriptions, and says it's growing 20% month over month. Hubble expanded to Canada in August and plans to be in the UK as early as January. Quick service, cheap contacts, and whimsical branding have made Hubble a speedy success. But in its rush to disrupt the consumer experience, Hubble also appears to be playing fast and loose with some basic consumer protections.
Databases

Searchable Database of 1.4 Billion Stolen Credentials Found On Dark Web (itworldcanada.com) 72

YVRGeek shares a report from IT World Canada: A security vendor has discovered a huge list of easily searchable stolen credentials in cleartext on the dark web, which it fears could lead to a new wave of cyber attacks. Julio Casal, co-founder of identity threat intelligence provider 4iQ, which has offices in California and Spain, said in a Dec. 8 blog his firm found the database of 1.4 billion username and password pairs while scanning the dark web for stolen, leaked or lost data. He said the company has verified at least a group of credentials are legitimate. What is alarming is the file is what he calls "an aggregated, interactive database that allows for fast (one second response) searches and new breach imports." For example, searching for "admin," "administrator" and "root" returned 226,631 passwords of admin users in a few seconds. As a result, the database can help attackers automate account hijacking or account takeover. The dump file was 41GB in size and was found on December 5th in an underground community forum. The total amount of credentials is 1,400,553,869.
Medicine

Synthetic DNA-Based Drug Is First To Slow Progress of Huntington's Disease (theguardian.com) 35

John.Banister writes: The Guardian reports of early success in the trial of a synthetic DNA based drug, Ionis-HTTRx, at University College London's Huntington's Disease Center. Bionews explains that this gene silencing drug binds to the RNA transcript of the faulty huntingtin gene, triggering its destruction before it can go on to make the huntingtin protein. There's much excited speculation that the same technique could be used for Alzheimer's and Parkinson's disease, once people know which genes to target. "The trial involved 46 men and women with early stage Huntington's disease in the UK, Germany and Canada," reports The Guardian. "The patients were given four spinal injections one month apart and the drug dose was increased at each session; roughly a quarter of participants had a placebo injection. After being given the drug, the concentration of harmful protein in the spinal cord fluid dropped significantly and in proportion with the strength of the dose. This kind of closely matched relationship normally indicates a drug is having a powerful effect."
