Tech Today w/ Ken May

Archive for August, 2017

The IRS Decides Who To Audit By Data Mining Social Media

Posted by kenmay on August - 30 - 2017

In America the Internal Revenue Service used to pick who got audited based on math mistakes or discrepancies with W-2 forms — but not any more. schwit1 shares an article from the Vanderbilt Journal of Entertainment and Technology Law describing their new technique: The IRS is now engaging in data mining of public and commercial data pools (including social media) and creating highly detailed profiles of taxpayers upon which to run data analytics. This article argues that current IRS practices, mostly unknown to the general public, are violating fair information practices. This lack of transparency and accountability not only violates federal law regarding the government’s data collection activities and use of predictive algorithms, but may also result in discrimination. While the potential efficiencies that big data analytics provides may appear to be a panacea for the IRS’s budget woes, unchecked these activities are a significant threat to privacy [PDF]. Other concerns regarding the IRS’s entrée into big data are raised including the potential for political targeting, data breaches, and the misuse of such information. While tax evasion cost the U.S.$3 trillion between 2000 and 2009, one of the report’s authors argues that people should be aware âoethat what they say and do onlineâ could be used against them. Read more of this story at Slashdot.

Categories: reader

Massive New Spambot Ensnares 711,000,000 Email Addresses

Posted by kenmay on August - 30 - 2017

An anonymous reader quotes ZDNet: A huge spambot ensnaring 711 million email accounts has been uncovered. A Paris-based security researcher, who goes by the pseudonymous handle Benkow, discovered an open and accessible web server hosted in the Netherlands, which stores dozens of text files containing a huge batch of email addresses, passwords, and email servers used to send spam. Those credentials are crucial for the spammer’s large-scale malware operation to bypass spam filters by sending email through legitimate email servers. The spambot, dubbed “Onliner, ” is used to deliver the Ursnif banking malware into inboxes all over the world. To date, it’s resulted in more than 100, 000 unique infections across the world, Benkow told ZDNet. Troy Hunt, who runs breach notification site Have I Been Pwned, said it was a “mind-boggling amount of data.” Hunt, who analyzed the data and details his findings in a blog post, called it the “largest” batch of data to enter the breach notification site in its history… Those credentials, he explained, have been scraped and collated from other data breaches, such as the LinkedIn hack and the Badoo hack, as well also other unknown sources. The data includes information on 80 million email servers, and it’s all used to identify which recipients have Windows computers, so they can be targeted in follow-up emails delivering Windows-specific malware. Read more of this story at Slashdot.

Categories: reader

Enlarge (credit: Yuri Samoilov ) A now-fired Philadelphia cop has been behind bars for almost two years for refusing to decrypt hard drives that authorities found at his residence as part of a federal child-porn investigation. On Thursday, his lawyers are set to ask a federal judge to release him while he appeals the reason for his confinement to the Supreme Court. If the justices take the case, it would be the first time they weighed the constitutionality of whether forcing somebody to decrypt hardware amounts to a Fifth Amendment violation. Francis Rawls The dispute concerns Francis Rawls, who has been serving an indefinite jail term after being held in contempt of court for refusing to unlock at least two FileVault-encrypted drives connected to an Apple Mac Pro. He has not been charged with any criminal offense even though the contempt order  (PDF) was issued September 30, 2015. Both a federal judge and the 3rd US Circuit Court of Appeals  did not agree with Rawls’ contention that forcing him to unlock the drives amounted to a violation of his Fifth Amendment right against being compelled to testify against oneself. The courts also concluded that it was a “foregone conclusion” that kid porn was on the drives because a forensic examination revealed that the “hash” values of the files have been linked by the authorities to known child pornography. Read 4 remaining paragraphs | Comments

Categories: reader

Horrifying Blade Runner short film serves as prequel to 2049

Posted by kenmay on August - 30 - 2017

2036: Nexus Dawn , directed by Luke Scott, shows us a key moment in history between the original Blade Runner and Blade Runner 2049 . With Blade Runner 2049 hitting theaters October 6, you might be wondering what’s been going on in the 30 years since the last film ended. The original Blade Runner ended ambiguously in 2017 when Deckard fled Los Angeles with the replicant Rachael. Now you can watch a short film called 2036: Nexus Dawn , directed by Luke Scott, who helmed the 2016 horror film Morgan . Nexus Dawn focuses on one, key meeting between biotech magnate Neander Wallace (Jared Leto) and some officials. We’re getting a feel for Wallace’s fragility and hubris here. Though he’s appeared as a builder of replicants in the 2049 trailers , it wasn’t clear who he was or how he fit into the story. Now we know he holds patents to some kind of agriculture-related biotech that saved the world from starvation. Wallace is also kind of a classic mad scientist, obsessed with creating new life. He shows the people at this meeting the Nexus 9, a new kind of replicant that lives as long as his human owner desires and will never disobey orders or run away. At Comic-Con last month, the filmmakers revealed what happened between the two films in a quick chart projected onscreen: Read 3 remaining paragraphs | Comments

Categories: reader

An autonomous Ford Fusion will deliver Domino’s in Michigan

Posted by kenmay on August - 30 - 2017

Domino’s has been experimenting with high-tech delivery methods for years, from UAVs to drones with wheels . This time, the pizza chain might send a self-driving Ford Fusion to deliver your food if you’re in Ann Arbor, Michigan. Domino’s has teamed up with the automaker to test people’s response to an autonomous delivery car. They’ll use one Fusion equipped with all the trappings of a self-driving vehicle, including Ford’s full suite of cameras, sensors, radar and LIDAR, to deliver pizza for the month-long test. Despite the full equipment, a human engineer will be behind the wheel, since the test is all about observing customers’ reactions. He’ll be hidden behind tinted windows, though, and won’t be ringing anybody’s doorbell. Customers who agree to be part of the trial will get a text when their order arrives. They’ll then have to walk out, meet the car, punch in the last four digits of their phone number on a touchscreen display installed at the rear passenger-side window and take out the pizza from a warming oven inside. The partners will be keeping an eye on whether customers are willing to meet the self-driving car at the curb or if they want it to park in their driveway. They’ll observe how long it takes for people to punch in their codes and to take out their pizza from the oven. Most importantly, the test will help them determine if people are inclined to touch the car’s pricey LIDAR system spinning atop the vehicle. Ford will tweak the self-driving Fusion based on the trial’s results — we’ll bet the LIDAR system will end up hidden inside a tough casing if customers can’t stop themselves from touching. The trial is a perfect fit for the automaker’s vision for its self-driving vehicles. Like many other companies working on autonomous vehicles, Ford aims to develop a self-driving car with no steering wheel, brake and accelerator pedals. The automaker plans to use them for ride-sharing fleets, but it believes the vehicle has many other potential applications, including delivery. Sherif Marakby, Ford VP of autonomous and electric vehicles, said: “It’s not just ride-sharing and ride-moving or people moving, but it’s also moving the goods. We develop the plan to go to market as we develop the tech. We work with partners (and) this is one example. There will be more in the future.” Source: Ford Motor Company , The Detroit News , Bloomberg

Categories: reader

From collecting seashells for the inlay, harvesting tree sap for the lacquer, to adding the final touches, creating these stunning lacquer boxes in traditional Korean style takes about a year. (more…)

Categories: reader

India shut off the internet in an attempt to maintain order

Posted by kenmay on August - 30 - 2017

Last week, local governments in the northern Indian states of Punjab and Haryana shut down citizens’ internet access and text messaging services just before a verdict was to be released on a high-profile rape case. The case involved a cult leader with a large following who was accused of raping two women in his group. A statement from the Additional Chief Secretary of Haryana said the order was “issued to prevent any disturbance of peace and public order” in the region. Around 50 million people lost internet access for five days. India has a history of censoring web content in the name of social order. Some areas of the country have made liking blasphemous social media posts punishable with jail time, it has blocked sex sites and has arrested WhatsApp group members who have posted altered, unflattering photos of the prime minister, which is against the country’s law prohibiting fake news. If the order to temporarily shut off the region’s internet had any effect, it wasn’t to prevent a disturbance of the peace. After the cult leader was found guilty, his followers violently protested the verdict, resulting in 38 deaths. Trains were also stopped from traveling to and from the states, schools and businesses were closed and security officers were sent to regain order. Internet and messaging services were restored this morning. Source: CNET

Categories: reader

How the NSA Identified Satoshi Nakamoto

Posted by kenmay on August - 29 - 2017

An anonymous reader shares a report: The ‘creator’ of Bitcoin, Satoshi Nakamoto, is the world’s most elusive billionaire. Very few people outside of the Department of Homeland Security know Satoshi’s real name. In fact, DHS will not publicly confirm that even THEY know the billionaire’s identity. Satoshi has taken great care to keep his identity secret employing the latest encryption and obfuscation methods in his communications. Despite these efforts (according to my source at the DHS) Satoshi Nakamoto gave investigators the only tool they needed to find him — his own words. Using stylometry one is able to compare texts to determine authorship of a particular work. Throughout the years Satoshi wrote thousands of posts and emails and most of which are publicly available. According to my source, the NSA was able to the use the ‘writer invariant’ method of stylometry to compare Satoshi’s ‘known’ writings with trillions of writing samples from people across the globe. By taking Satoshi’s texts and finding the 50 most common words, the NSA was able to break down his text into 5, 000 word chunks and analyse each to find the frequency of those 50 words. This would result in a unique 50-number identifier for each chunk. The NSA then placed each of these numbers into a 50-dimensional space and flatten them into a plane using principal components analysis. The result is a ‘fingerprint’ for anything written by Satoshi that could easily be compared to any other writing. The NSA then took bulk emails and texts collected from their mass surveillance efforts. First through PRISM and then through MUSCULAR, the NSA was able to place trillions of writings from more than a billion people in the same plane as Satoshi’s writings to find his true identity. The effort took less than a month and resulted in positive match. Read more of this story at Slashdot.

Categories: reader

Enlarge (credit: portal gda ) Last year, a series of record-setting attacks hitting sites including KrebsOnSecurity and a French Web host underscored a new threat that had previously gone overlooked: millions of Internet-connected digital video recorders and similar devices that could easily be wrangled into botnets that challenged the resources of even large security services. Now, for one of the first times, researchers are reporting a new platform recently used to wage powerful denial-of-service attacks that were distributed among hundreds of thousands of poorly secured devices: Google’s Android operating system for phones and tablets. The botnet was made up of some 300 apps available in the official Google Play market. Once installed, they surreptitiously conscripted devices into a malicious network that sent junk traffic to certain websites with the goal of causing them to go offline or become unresponsive. At its height, the WireX botnet controlled more than 120,000 IP addresses located in 100 countries. The junk traffic came in the form of HTTP requests that were directed at specific sites, many of which received notes ahead of time warning of the attacks unless operators paid ransoms. By spreading the attacks among so many phones all over the world and hiding them inside common Web requests, the attackers made it hard for the companies that defend against DDoS attacks to initially figure out how they worked. The attacks bombarded targets with as many as 20,000 HTTP requests per second in an attempt to exhaust server resources. Read 8 remaining paragraphs | Comments

Categories: reader

Hyperloop Pod Competition winner hits over 200MPH

Posted by kenmay on August - 28 - 2017

Adjacent to SpaceX headquarters, 25 teams gathered for another Hyperloop Pod Competition . This time the winner would be judged by how quickly they could go down the 1.25 kilometer (about .77 miles) track. On the final day of competition, three teams advanced to the finals and had the chance to push their pod to the limit. With a speed of just over 200 miles per-hour, the Warr (pronounced Varr) team from the Technical University of Munich handily beat the two other finalists with its small, but quick pod. Weighing just 80 kg (176 pounds) and powered by a 50kw motor, the vehicle was essentially a small electric car built specifically for winning the competition. Hyperloop pod run by team WARR pic.twitter.com/ntaMsoxkZE — Elon Musk (@elonmusk) August 28, 2017 The team is no stranger to the winner’s circle, it won the previous Hyperloop Pod Competition back in January for fastest pod. While Warr was the quickest down the tube, the other two teams either posted impressive speeds or broke new ground with their pods. Paradigm , a team made of students form Northeastern University and Memorial University of Newfoundland and Labrador used SpaceX’s pusher (a vehicle that literally pushes pods down the tube) to get the vehicle up to speed. It then counted on its air bearings and extensive lateral control to keep the pod centered and reduce friction. It hit a top speed of 101 kilometers an hour (about 60 miles per-hour) during its run. The second fastest inside the vacuum. Meanwhile, Swissloop from Switzerland’s ETH Zurich, used jet propulsion during its run. After an initial issue with losing connection with its pod just when it was about to do its run, it hit a respectable 40 kilometers an hour (about 25 miles per-hour) with a resounding whoosh as it took off. At the end of the competition, SpaceX CEO Elon Musk mused that there’s no reason why future pods in the competition couldn’t hit 500 to 600 miles per-hour on the 1.25 kilometer track. Of course that means that there will be another Hyperloop Pod Competition sometime next year and who knows, maybe we’ll see pods hitting the speeds that’ll make the mode of transportation truly rival air travel.

Categories: reader