Linux fréttir

An anonymous reader shares an excerpt from a report via Motherboard, written by Joseph Cox: Multiple branches of the U.S. military have bought access to a powerful internet monitoring tool that claims to cover over 90 percent of the world's internet traffic, and which in some cases provides access to people's email data, browsing history, and other information such as their sensitive internet cookies, according to contracting data and other documents reviewed by Motherboard. Additionally, Sen. Ron Wyden says that a whistleblower has contacted his office concerning the alleged warrantless use and purchase of this data by NCIS, a civilian law enforcement agency that's part of the Navy, after filing a complaint through the official reporting process with the Department of Defense, according to a copy of the letter shared by Wyden's office with Motherboard. The material reveals the sale and use of a previously little known monitoring capability that is powered by data purchases from the private sector. The tool, called Augury, is developed by cybersecurity firm Team Cymru and bundles a massive amount of data together and makes it available to government and corporate customers as a paid service. In the private industry, cybersecurity analysts use it for following hackers' activity or attributing cyberattacks. In the government world, analysts can do the same, but agencies that deal with criminal investigations have also purchased the capability. The military agencies did not describe their use cases for the tool. However, the sale of the tool still highlights how Team Cymru obtains this controversial data and then sells it as a business, something that has alarmed multiple sources in the cybersecurity industry. "The network data includes data from over 550 collection points worldwide, to include collection points in Europe, the Middle East, North/South America, Africa and Asia, and is updated with at least 100 billion new records each day," a description of the Augury platform in a U.S. government procurement record reviewed by Motherboard reads. It adds that Augury provides access to "petabytes" of current and historical data. Motherboard has found that the U.S. Navy, Army, Cyber Command, and the Defense Counterintelligence and Security Agency have collectively paid at least $3.5 million to access Augury. This allows the military to track internet usage using an incredible amount of sensitive information. Motherboard has extensively covered how U.S. agencies gain access to data that in some cases would require a warrant or other legal mechanism by simply purchasing data that is available commercially from private companies. Most often, the sales center around location data harvested from smartphones. The Augury purchases show that this approach of buying access to data also extends to information more directly related to internet usage. "The Augury platform is not designed to target specific users or user activity. The platform specifically does not possess subscriber information necessary to tie records back to any users," said Team Cymru in a statement to Motherboard. "Our platform does not provide user or subscriber information, and it doesn't provide results that show any pattern of life, preventing its ability to be used to target individuals. Our platform only captures a limited sampling of the available data, and is further restricted by only allowing queries against restricted sampled and limited data, which all originates from malware, malicious activity, honeypots, scans, and third parties who provide feeds of the same. Results are then further limited in the scope and volume of what's returned," Team Cymru said in another email. Charles E. Spirtos from the Navy Office of Information told Motherboard in an email that NCIS specifically "conducts investigations and operations in accordance with all applicable laws and regulations. The use of net flow data by NCIS does not require a warrant." He added that NCIS has not used netflow during any criminal investigation, but that "NCIS uses net flow data for various counterintelligence purposes." Meanwhile, the Department of Defense Office of the Inspector General, which the whistleblower alleges referred their complaint to the Navy, told Motherboard it had received Wyden's letter and was reviewing it. The Office of the Naval Inspector General declined to comment and directed Motherboard back to its Department of Defense counterpart. The Defense Counterintelligence and Security Agency also deferred to the Department of Defense.

Read more of this story at Slashdot.

Hint: It’s not necessarily gamers

GTC This week’s GPU Technology Conference saw Nvidia do something we haven’t see much of from the chip designer lately: refresh a consumer product.…

In an interview with Bloomberg, Microsoft President Brad Smith said the company won't label social media posts that appear to be false in order to avoid the appearance that the company is trying to censor speech online. From the report: "I don't think that people want governments to tell them what's true or false," Smith said when asked about Microsoft's role in defining disinformation. "And I don't think they're really interested in having tech companies tell them either." The comments are Smith's strongest indication yet that Microsoft is taking a unique path to tracking and disrupting digital propaganda efforts. Smith said Microsoft wanted to provide the public with more information about who is speaking, what they are saying and allow them to come to their own judgment about whether content was true. "We have to be very thoughtful and careful because -- and this is also true of every democratic government -- fundamentally, people quite rightly want to make up their own mind and they should," he said. "Our whole approach needs to be to provide people with more information, not less and we cannot trip over and use what others might consider censorship as a tactic."

Read more of this story at Slashdot.

A listing on a popular hacker forum offers 350 million Ask.FM user records for sale in what might be one of the biggest breaches of all time. Cybernews reports: The listing allegedly includes 350 million Ask.FM user records, with the threat actor also offering 607 repositories plus their Gitlab, Jira, and Confluence databases. Ask.FM is a question and answer network launched in June 2010, with over 215 million registered users. The posting also includes a list of repositories, sample git, and sample user data, as well as mentions of the fields in the database: user_id, username, mail, hash, salt, fbid, twitterid, vkid, fbuid, iguid. It appears that Ask.FM is using the weak hashing algorithm SHA1 for passwords, putting them at risk of being cracked and exposed to threat actors. In response to DataBreaches, the user who posted the database -- Data -- explained that initial access was gained via a vulnerability in Safety Center. The server was first accessed in 2019, and the database was obtained on 2020-03-14. Data also suggested that Ask.FM knew about the breach as early as back in 2020. While the breach has not been confirmed, the seller called "Data" says he will "vouch all day and night for" listed user data from Ask.FM (ASKfm), the social networking site. "I'm selling the users database of Ask.fm and ask.com," Data wrote. "For connoisseurs, you can also get 607 repositories plus their Gitlab, Jira, Confluence databases."

Read more of this story at Slashdot.

Oh cool, a 5,500-day security hole

At least 350,000 open source projects are believed to be potentially vulnerable to exploitation via a Python module flaw that has remained unfixed for 15 years.…

AmiMoJo shares a report from the Mozilla Foundation: YouTube's user controls -- buttons like "Dislike " and "Not interested" -- largely fail to help users avoid unwanted recommendations like misinformation and violent content, according to new research by Mozilla. An accompanying survey also found that YouTube's controls routinely frustrate and confuse users. Indeed, Mozilla's research found that people who are experiencing unwanted recommendations and turn to the platform's user controls for assistance prevent less than half of unwanted recommendations. This is especially troubling because Mozilla's past research shows that YouTube recommends videos that violate its very own community guidelines, like misinformation, violent content, hate speech, and spam. For example, one user in this most recent research asked YouTube to stop recommending war footage from Ukraine -- but shortly after was recommended even more grisly content from the region. The study, titled "Does This Button Work? Investigating YouTube's ineffective user controls" is the culmination of months of rigorous qualitative and quantitative research. The study was made possible by the data of more than 20,000 participants who used Mozilla's RegretsReporter browser extension, and by data about more than 500 million YouTube videos. These are the top findings, as highlighted in the report: People don't trust YouTube's user controls. More than a third (39.3%) of people surveyed felt YouTube's user controls did not impact their recommendations at all, and 23% felt the controls had a mixed response. Said one interviewee: "Nothing changed. Sometimes I would report things as misleading and spam and the next day it was back in [...] Even when you block certain sources they eventually return." People take matters into their own hands. Our study found that people did not always understand how YouTube's controls affect their recommendations, and so took a jury rigged approach instead. People will log out, create new accounts, or use privacy tools just to manage their YouTube recommendations. Said one user: "When the Superbowl came around ... if someone recommended a particular commercial, I used to log out of YouTube, watch the commercial, and then log back in." The data confirms people are right. The most "effective" user control was "Don't recommend channel," but compared to users who do not make use of YouTube's user controls, only 43% of unwanted recommendations are prevented -- and recommendations from the unwanted channel sometimes persist. Other controls were even less effective: The "Not Interested" tool prevented only 11% of unwanted recommendations. YouTube can fix this problem. YouTube has the power to confront this issue and do a better job at enabling people to control their recommendations. Our research outlines several concrete suggestions to put people back into the driver's seat, like making YouTube's controls more proactive, allowing users to shape their own experience; and giving researchers increased access to YouTube's API and other tools. Further reading: YouTube Targets TikTok With Revenue Sharing For Shorts, Partner Program Expansion

Read more of this story at Slashdot.

People who experience frequent bad dreams in middle age may experience a faster rate of cognitive decline and be at higher risk of dementia as they get older, data suggests. If confirmed, the research could eventually lead to new ways of screening for dementia and intervention to slow the rate of decline. From a report: Most people experience bad dreams from time to time, but approximately 5% of adults experience nightmares -- dreams distressing enough to wake them up -- at least once a week. Stress, anxiety, and sleep deprivation are all potential triggers, but previous research in people with Parkinson's disease has also linked frequent distressing dreams to faster rates of cognitive decline, and an increased risk of developing dementia in the future. To investigate whether the same might be true of healthy adults, Dr Abidemi Otaiku at the University of Birmingham turned to data from three previous studies that have examined people's sleep quality and then followed them over many years, assessing their brain health as well as other outcomes. This included more than 600 middle-aged adults (aged 35 to 64), and 2,600 people aged 79 and older. Their data was analysed using statistical software to find out whether those who experienced a higher frequency of distressing dreams were more likely to go on to experience cognitive decline and be diagnosed with dementia. The research, published in eClinicalMedicine, found that middle-aged people who experienced bad dreams at least once a week were four times more likely to experience cognitive decline over the following decade than those who rarely had nightmares. Among elderly participants, those who frequently reported distressing dreams were twice as likely to be diagnosed with dementia in subsequent years.

Read more of this story at Slashdot.

All eyes on you, and you, and you

San Francisco police are now set to use non-city-owned video cameras for real-time surveillance under a rule approved by the Board of Supervisors.…

You're not being fired, we're just unable to facilitate your sustained employment

Forget quiet quitting. Meta and Google have learned the art of the quiet layoff: telling staff to pick new roles after reorganizing or disbanding teams, and running out the clock on the reapplication process until some are left with no job.…

An anonymous reader quotes a report from TechCrunch: Deepfakes, AI generated porn, and a thousand more innocent uses -- there's been a lot of news about neural network-generated images. It makes sense that people started getting curious; were my photos used to train the robots? Are photos of me in the image-generating training sets? A brand new site tries to give you an answer. Spawning AI creates image generation tools for artists, and the company just launched Have I Been Trained? which you can use to search a set of 5.8 billion images that have been used to train popular AI art models. When you search the site, you can search through the images that are the closest match, based on the LAION-5B training data, which is widely used for training AI search terms. It's a fun tool to play with, and may help give a glimpse into the data that the AI is using as the basis for its own.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Nvidia is gearing up to deliver Drive Thor, its next-generation automotive-grade chip that the company claims will be able to unify a wide range of in-car technology from automated driving features and driver monitoring systems to streaming Netflix in the back for the kiddos. Thor, which goes into production in 2025, is notable not just because it's a step up from Nvidia's Drive Orin chip. It's also taking Drive Atlan's spot in the lineup. Nvidia is scrapping the Drive Atlan system on chip ahead of schedule for Thor, founder and CEO Jensen Huang said Tuesday at the company's GTC event. Ever in a race to develop bigger and badder chips, Nvidia is opting for Thor, which, at 2,000 teraflops of performance, will deliver twice the compute and throughput, according to the company. "If we look at a car today, advanced driver assistance systems, parking, driver monitoring, camera mirrors, digital instrument cluster and infotainment are all different computers distributed throughout the vehicle," said Nvidia's vice president of automotive, Danny Shapiro, at a press briefing Monday. "In 2025, these functions will no longer be separate computers. Rather, Drive Thor will enable manufacturers to efficiently consolidate these functions into a single system, reducing overall system cost." One chip to rule them all. One chip to help automakers build software-defined autonomous vehicles. One chip to continuously upgrade over-the-air. Further reading: Nvidia Announces Next-Gen RTX 4090 and RTX 4080 GPUs

Read more of this story at Slashdot.

In an in-depth teardown of the iPhone 14 Pro Max, iFixit provides a closer look at the device's internals. "Notably, the teardown includes a photo of the plastic spacer that replaced the SIM card tray on the U.S. model," reports MacRumors. From the report: All four iPhone 14 models sold in the U.S. no longer have a physical SIM card tray and rely entirely on digital eSIMs. The teardown confirms that Apple is not using the internal space freed up by the tray's removal for any other component or added functionality, and instead filled in the gap with a square piece of plastic. Outside of the U.S., all iPhone 14 models are still equipped with a SIM card tray in this space. As seen in previous teardowns, iFixit provided close-up images of the iPhone 14 Pro Max's logic board, which is equipped with a faster A16 Bionic chip and Qualcomm's Snapdragon X65 modem that provides both 5G and satellite connectivity. While the standard iPhone 14 and iPhone 14 Plus can be opened from the back side, and feature a more repairable design with an easily removable display and back glass panel, these design changes do not extend to the Pro models. The teardown shows that the iPhone 14 Pro Max continues to open from the front and does not have removable back glass. The internal design of the device is largely unchanged from the iPhone 13 Pro Max.

Read more of this story at Slashdot.

Jesse Powell, co-founder of crypto exchange Kraken, is planning to step down as CEO, Kraken confirmed with CoinDesk. The Wall Street Journal first reported on the news. From the report: Kraken's current chief operating officer, Dave Ripley, will take over as CEO once someone is hired to fill Ripley's position. According to a press release issued by the company, Powell plans to remain involved with Kraken. He will become chairman of Kraken's board and will continue working on product development and crypto industry advocacy. The outspoken Powell, an early advocate of bitcoin (BTC) who founded Kraken in 2011, has been at the center of several company-related controversies this year. In June, Powell criticized a contingent of "woke activists" inside the company and told unhappy employees to quit, sparking a social-political debate that roiled the crypto industry and beyond. In July, reports emerged that Kraken was being investigated by the U.S. Treasury Department for allegedly allowing Iranian users to use the platform -- a violation of international sanctions against the Iranian regime. Powell has denied that these controversies spurred his decision to step down as CEO, telling Bloomberg that he informed Kraken's board of his impending departure over a year ago. Instead, he chalked up the decision to something much more banal -- boredom. "As the company has gotten bigger, it's just gotten to be more draining on me, less fun," Powell told Bloomberg.

Read more of this story at Slashdot.

Sebastian Thrun, the CEO of Kitty Hawk, informed employees on Wednesday the company was laying them off, according to a news report. The company also posted the news on its LinkedIn page. From the report: Sources inside the company told Insider that Kitty Hawk had recently wound down work on its most recent flying-car project, Heaviside, and reverted to research-and-development mode with Google co-founder Larry Page more closely involved with the work. However, it appears the company couldn't see a way forward. Laid-off staff have been given four months of severance pay, an employee said. Thrun, a self-driving car pioneer and a Google veteran, founded Kitty Hawk in 2010, and Page financially propped it up. Insiders said Page remained the sole bankroller of Kitty Hawk throughout its lifetime. He became increasingly hands-off over the years, though he would involve himself in newer projects as they sprung up, including an internal initiative to make flying cars run more quietly. The company produced several prototype models of its flying cars, including Flyer, which the company shuttered in 2020. Heaviside, its most recent model, was designed to be quieter for flying in densely populated environments. In 2019 the company also spun up Wisk, a joint venture between Kitty Hawk and Boeing, which will continue.

Read more of this story at Slashdot.

Japanese super-tycoon to discuss 'stategic alliance' with electronics chaebol

SoftBank mogul Masayoshi Son reportedly plans to meet executives at Samsung Electronics in Seoul to discuss a partnership between the Japanese mega-conglomerate's Arm subsidiary and the South Korean foundry giant.…

An anonymous reader quotes a report from Ars Technica: The US National Transportation Safety Board (NTSB) yesterday recommended that all new vehicles be equipped with alcohol detection systems that can stop people from driving while drunk. The NTSB can't issue such a regulation on its own but urged the National Highway Traffic Safety Administration (NHTSA) to do so. The NTSB said it "is recommending measures leveraging new in-vehicle technologies that can limit or prohibit impaired drivers from operating their vehicles as well as technologies to prevent speeding." If adopted, this would require "passive vehicle-integrated alcohol impairment detection systems, advanced driver monitoring systems or a combination of the two that would be capable of preventing or limiting vehicle operation if it detects driver impairment by alcohol," the NTSB said. The agency urged the NHTSA to "require all new vehicles to be equipped with such systems." Under a US law enacted last year, the NHTSA is already required to examine whether it can issue this type of rule. While drunk driving is a longstanding problem that has caused many deaths, the NTSB said its recommendation was spurred by its investigation into one crash that killed nine people -- including seven children -- in January 2021 on State Route 33 near Avenal, California. On that two-lane highway with a speed limit of 55 mph, an SUV driver leaving a New Year's Day gathering "was driving at a speed between 88 and 98 mph," the NTSB report said. [...] Section 24220 of the Bipartisan Infrastructure LawSection 30111 of Title 49 in US law, it can delay issuing a rule for three years and submit annual reports to Congress describing the reasons for not issuing the rule. Each annual report would also have to contain an update on "the deployment of advanced drunk and impaired driving prevention technology in vehicles." In writing the law, Congress noted that "in 2019, there were 10,142 alcohol-impaired driving fatalities in the United States involving drivers with a blood alcohol concentration level of .08 or higher, and 68 percent of the crashes that resulted in those fatalities involved a driver with a blood alcohol concentration level of .15 or higher." Congress also cited a study by the Insurance Institute for Highway Safety estimating that "advanced drunk and impaired driving prevention technology can prevent more than 9,400 alcohol-impaired driving fatalities annually."

Read more of this story at Slashdot.

You boffins need to figure out who owns what before someone gets sued

Getty Images has banned people from uploading AI-generated pictures to its massive stock image collection, citing concerns over copyright.…

Florida's attorney general on Wednesday asked the Supreme Court to decide whether states have the right to regulate how social media companies moderate content on their services, a move that sends one of the most controversial debates of the internet age to the country's highest court. From a report: In its petition, the state asks the court to determine whether the First Amendment prohibits a state from requiring that platforms host certain communications and also whether the states can require companies to provide an explanation to users when they remove their posts. The petition sets up the most serious test to date of assertions that Silicon Valley companies are unlawfully censoring conservative viewpoints. The decision could have wide-ranging effects on the future of democracy and elections, as tech companies play an increasingly significant role in disseminating news and information about politics. Critics of the state social media laws and tech industry representatives also warn that if the Florida law were to take effect, it could lead to a torrent of hate speech, misinformation and other violent content that some major social media companies' policies currently prohibit. The petition is a response to a decision by the U.S. Court of Appeals for the 11th Circuit earlier this year that major provisions of a Florida social media law violated the Constitution's First Amendment. The law would bar companies from banning politicians from their services.

Read more of this story at Slashdot.

US ISP still plans to appeal after latest ruling

A Dallas judge has reduced the amount Charter Communications must pay the family of a subscriber murdered by one of its Spectrum cable technicians.…

tlhIngan writes: The iPhone 14's "dynamic island" feature is where the pinhole used for the front facing camera is replaced by a pill shaped cutout that can be filled with "useful" snippets of information. It's basically used to help hide the black hole caused by the pinhole camera (as an alternative to the notch) or pill by multiple cameras. Apparently the feature is so innovative, Chinese cellphone company realme is asking its fans for ideas on how to copy, but not copy, the feature. They're asking for submissions in images, GIFs, text or other form on how a "realme Island" should work.

Read more of this story at Slashdot.