238 Google Play apps with 440 million installs made phones nearly unusable
If the prevalence of abusive Google Play apps has left you numb, this latest report is for you. Carefully concealed adware installed in Google-approved apps with more than 440 million installations was so aggressive that it rendered mobile devices nearly unusable, researchers from mobile security provider Lookout said Tuesday.
BeiTaAd, as the adware is known, is a plugin that Lookout says it found hidden in emojis keyboard TouchPal and 237 other applications, all of which were published by Shanghai, China-based CooTek. Together, the 238 unique apps had a combined 440 million installs. Once installed, the apps initially behaved normally. Then, after a delay of anywhere between 24 hours and 14 days, the obfuscated BeiTaAd plugin would begin delivering what are known as out-of-app ads. These ads appeared on users' lock screens and triggered audio and video at seemingly random times or even when a phone was asleep.
"My wife is having the exact same issue," one person reported in November in this thread discussing BeiTaAd. "This will bring up random ads in the middle of phone calls, when her alarm clock goes off or anytime she uses any other function on her phone. We are unable to find any other information on this. It is extremely annoying and almost [makes] her phone unusable."
Lookout's post said the developers responsible for the 238 apps went to great lengths to conceal the plugin.
[...] Lookout reported the behavior of BeiTaAd to Google, and the apps responsible were subsequently either removed from Play or updated to remove the abusive plugin. There's no indication that CooTek will be banned or otherwise punished for breaching Play terms of service on such a mass scale and for taking the steps it did to hide the violation. The remaining 237 CooTek apps that embedded the plugin are listed at the end of Lookout's post.
Update: [on Ars Technica] In a statement sent 10 hours after this post went live, a CooTek representative wrote: "The module mentioned in the report was one of the monetization SDK in our previous versions, and it was not intended for adware purposes. Before the report, we already noticed the issue and disabled the advertising functions in the SDK in question several months ago. We further removed the entire module in question in last month."
The SEC is suing Kik over its $100m Kin token ICO
The United States Securities and Exchange Commission (SEC) has sued Kik Interactive Inc, alleging the Canada-based chat platform conducted an illegal $100 million securities offering of digital tokens.
The SEC says that Kik sold digital tokens to US investors without registering the initial coin offering (ICO) -- a requirement under US securities laws.
An ICO is a form of crowdfunding that can be a source of capital for startups without the need for angel investors, banks, or traditional funding rounds. In return for investor cash, the organisations involved offer virtual coins and the transaction is recorded, typically, on a blockchain.
The Kin token was sold in 2017 and was marketed as an investment opportunity, the SEC alleges.
The SEC further alleges the ICO followed Kik losing money "for years" on its sole product, an online messaging application. The SEC's complaint alleges Kik's management predicted internally that it would run out of money in 2017.
[...] Kik raised more than $55 million from US investors, according to the SEC, and its complaint alleges that Kin tokens traded recently at about half of the value that public investors paid in the offering.
"By selling $100 million in securities without registering the offers or sales, we allege that Kik deprived investors of information to which they were legally entitled, and prevented investors from making informed investment decisions," Co-Director of the SEC's Division of Enforcement Steven Peikin said.
[...] In responding to the SEC action, Kik CEO Ted Livingston said he expects Kin's "momentum" to grow and that his company is going to fight the claims.
"We have been expecting this for quite some time, and we welcome the opportunity to fight for the future of crypto in the United States. We hope this case will make it clear that the securities laws should not be applied to a currency used by millions of people in dozens of apps," Livingston said.
Submitted via IRC for SoyCow4463
Ajit Pai works to cap funding for rural and poor people, gets GOP backing
The Federal Communications Commission has preliminarily voted to cap spending on the FCC's Universal Service programs, which deploy broadband to poor people and to rural and other underserved areas.
[...] Pai's plan, as we previously reported, would set a combined cap of $11.4 billion on the four programs that make up the Universal Service Fund (USF).
Pai's proposal says that capping the fund at this level "will strike the appropriate balance between ensuring adequate funding for the Universal Service programs while minimizing the financial burden on ratepayers and providing predictability for program participants." All four Universal Service programs are paid for by Americans through fees on their phone bills.
The proposed cap of $11.4 billion is the same as the sum of the four programs' budgets for 2018 and would be indexed to keep pace with inflation under Pai's proposal. The new cap wouldn't have an immediate impact on actual spending, because it's higher than current spending. The FCC projects that the USF's total disbursements will be $10.2 billion in 2019 and remain below $10.5 billion annually through 2023.
Submitted via IRC for AnonymousLuser
Fortune 500 company leaked 264GB in client, payment data
A veteran Fortune 500 company has plugged a data leak which exposed 264GB in client and business data to the public.
Tech Data, an IT infrastructure company with over 45 years in the business and $37.2 billion in sales for the 2019 fiscal year, was the source of the leak, vpnMentor researchers Noam Rotem and Ran Locar said in a blog post on Thursday.
According to the team, a log management server was leaking system-wide information. After discovering the server through vpnMentor's web mapping project, the company took a sample of the leaked information, which was "a serious leak as far as we could see."
"With a simple search of the exposed database, our researchers were able to find the payment information, PII, and full company and account details for end-users and managed service providers (MSPs) -- including for a criminal defense attorney, a utilities service provider, and more," vpnMentor says.
Private API keys, bank and payment information, usernames and unencrypted passwords, and process information relating to Tech Data clients' internal systems and SAP builds were exposed.
In addition, the Personally Identifiable Information (PII) of employees was available, including their full names, job titles, email addresses, physical addresses, as well as telephone and fax numbers.
Reseller contact and invoice data, payment and credit card information, and internal security logs were also leaked.
Due to the 264GB size of the database, only a small sample was taken, and so other forms of information may have also been made public.
"There were enough details in this leak wherein a nefarious party could easily access users' accounts -- and possibly gain access to the associated permissions for said accounts," the researchers said.
Submitted via IRC for SoyCow4463
Want Good Night Sleep? Delete That Sleep-Tracking App, Expert Advises
Sleep-tracking apps could be making your sleep worse, a British sleep expert has warned. Dr Guy Leschziner, a sleep disorder specialist working at Guy’s hospital in London, has said the use of sleep tracking technology can raise anxieties about sleep to the point where users can actually develop insomnia.
The concern is that by monitoring sleep and obsessively pouring[sic] over the data about your sleep in an app, you can become more anxious and preoccupied about whether you are sleeping enough. This preoccupation can cause problems through the nocebo effect, the opposite of a placebo, where you feel worse because you expect to feel worse after seeing data that suggests your sleep was poor.
"We've seen a lot of people who have developed significant insomnia as a result of either sleep trackers or reading certain things about how devastating sleep deprivation is for you," Leschziner said at a talk at the Cheltenham Science Festival in the U.K., according to the Guardian.
Leschziner went on to say he doubted the utility of sleep apps. "My view of sleep trackers is fairly cynical. If you wake up feeling tired and you've had an unrefreshing night's sleep then you know you've got a problem," he said. "If you wake up every day and feel refreshed, are awake throughout the day and are ready to sleep at the same time every night then you're probably getting enough sleep for you and you don't need an app to tell you that."
Submitted via IRC for Bytram
Barnes & Noble Set To Be Sold To Elliott Management For About $683 Million
Just about eight months after Barnes & Noble revealed it was exploring a possible sale, the embattled bookseller has settled on a buyer.
The mega-chain, which boasts 627 locations across the U.S., announced Friday that the Elliott Management Corp. has agreed to buy Barnes & Noble for about $683 million — a price tag that includes the bookseller's debt, which Elliott will take on as part of the deal.
The move marks Elliott's second major splash in the world of books in the span of a year. Last June the New York-based hedge fund acquired Waterstones, which, with more than 280 bookshops, is the largest retail bookseller in the U.K.
Now, Elliott is set to own the largest bookseller in the U.S., too.
The Mysterious Crystal that Melts at Two Different Temperatures:
In a little-known paper published in 1896, Emil Fischer—the German chemist who would go on to win the 1902 Nobel Prize in Chemistry for synthesizing sugars and caffeine—said his laboratory had produced a crystal that seemed to break the laws of thermodynamics. To his puzzlement, the solid form of acetaldehyde phenylhydrazone (APH) kept melting at two very different temperatures. A batch he produced on Monday might melt at 65 °C, while a batch on Thursday would melt at 100 °C.
Colleagues and rivals at the time told him he must have made a mistake. Fischer didn’t think so. As far as he could tell, the crystals that melted at such different points were identical. A few groups in Britain and France repeated his work and got the same baffling results. But as those scientists died off, the mystery was forgotten, stranded in obscure academic journals published in German and French more than a century ago.
There it would probably have remained but for Terry Threlfall, an 84-year-old chemist at the University of Southampton, UK. Stumbling across Fischer’s 1896 paper in a library about a decade ago, Threlfall was intrigued enough to kick-start an international investigation of the mysterious crystal. Earlier this year in the journal Crystal Growth and Design, Threlfall and his colleagues published the solution: APH is the first recorded example of a solid that, when it melts, forms two structurally distinct liquids. Which liquid emerges comes down to contamination so subtle that it’s virtually undetectable.
Many, many years ago I learned that "If it can't be what (where) it has to be, then it has to be what (where) it can't be!"
The linked story reads like a modern-day whodunnit mystery with false leads and a surprise ending. Knowledge of chemistry is helpful, but is not really required.
Submitted via IRC for SoyCow4463
In a marketing campaign idea that even the least savvy internet user could have told you was a terrible idea, the North Face decided to announce publicly earlier this week how it gamed Google Search results to promote its products by uploading photos of them to high-traffic Wikipedia entries.
North Face even gloated about its success with a short, two-minute video detailing how shots of famous locales were swapped for similar-seeming photos featuring North Face product placement, inorganically juicing North Face visibility in Google results. The opening of the video showed a graphic of a Google Search bar filling up in real time with the words, “How can a brand be the first on google without paying anything for it?”
Now, the brand is apologizing for the move, and for having claimed it worked with Wikipedia-owner the Wikimedia Foundation. And, in an interview with The New York Times, North Face is also claiming that it was the cause of a lack of communication between the company and an independent distributor outside the US.
[...] The Wikimedia Foundation didn’t mince words in its own blog post. “We were disappointed to learn that The North Face, an outdoor recreation product company, and Leo Burnett Tailor Made, an ad agency retained by The North Face, unethically manipulated Wikipedia,” the organization wrote in a blog post published yesterday. “They have risked your trust in our mission for a short-lived marketing stunt.” The organization said it only became aware of the tactic once details of the ad campaign were divulged in an Ad Age report on Tuesday.
"Maker Media Inc ceased operations this week and let go of all of its employees — about 22 employees" founder and CEO Dale Dougherty told TechCrunch. "I started this 15 years ago and it's always been a struggle as a business to make this work. Print publishing is not a great business for anybody, but it works...barely. Events are hard . . . there was a drop off in corporate sponsorship." Microsoft and Autodesk failed to sponsor this year's flagship Bay Area Maker Faire.
But Dougherty is still desperately trying to resuscitate the company in some capacity, if only to keep MAKE:'s online archive running and continue allowing third-party organizers to license the Maker Faire name to throw affiliated events. Rather than bankruptcy, Maker Media is working through an alternative Assignment for Benefit of Creditors process.
"We're trying to keep the servers running" Dougherty tells me. "I hope to be able to get control of the assets of the company and restart it. We're not necessarily going to do everything we did in the past but I'm committed to keeping the print magazine going and the Maker Faire licensing program." The fate of those hopes will depend on negotiations with banks and financiers over the next few weeks. For now the sites remain online.
LINK:
https://techcrunch.com/2019/06/07/make-magazine-maker-media-layoffs/
Have you ever been so desperate for something from the local shop that you would send an army down the street to go get it? Well, that's what it looks like is happening right now in Australia. Three Chinese warships snuck into the country to make off with dozens of tins of powdered milk. This Chinese mission was so top secret NSW Premier Gladys Berejiklian was not aware that the Chinese warships planned to enter an Australian port. Given the high prices Australian canned milk powder can fetch, this shopping trip on the way home is not very surprising. When the warships arrived, much speculation was had as to the motives for this visit, most notably that this was a show of power by the Chinese government. The number of local Chinese residents who showed up to welcome the warships when they arrived, when no one else knew they were coming, underlines what the warships actually came to Australia for - Profit.
Why don't they order online like everyone else?
Submitted via IRC for AnonymousLuser
Hollywood lie: Bank hacks take months, not seconds
A report published today by cyber-security firm Bitdefender gives one of the best views we ever got into the inner-workings of a modern bank heist, and more particularly, a bank heist carried out by Carbanak, a group of hackers responsible for stealing more than one billion euros from banks all over the world.
Methodical, slow, and paying close attention to not getting discovered, a Carbanak hack is like a slow burning fire that makes its way across a forest.
Unlike Hollywood movies where bank cyber-heists happen within seconds, in the real world, hackers spend weeks inside banks' IT systems, gathering intel, and preparing for the day when they're ready to spring into action and steal funds.
Everything about a modern-day bank cyber-heist is... boring, even the hacking, which involves good ol' techniques like spear-phishing, vulnerability scanning, domain controller compromise, lateral movement, and the use of off-the-shelf, legitimate tools like Cobalt Strike.
Submitted via IRC for Runaway1956
In the deep sea, dragonfish lure smaller fish near their gaping jaws with beardlike attachments capped with a light. But the teeth of the pencil-sized predators don't gleam in that glow.
Instead, dragonfish teeth are transparent and hard to see, thanks to nanoscale structures that reduce the amount of light scattered by the teeth, researchers report June 5 in Matter.
The clear daggers vanish into the animals' dark mouths, probably to help dragonfish surprise their prey, says study coauthor Marc Meyers, a materials scientist at the University of California, San Diego. "They are mini-monsters of the ocean."
The teeth of dragonfish are similar to those of most animals: They contain a dense outer layer of enamel-like material that coats a hard tissue called dentin. But nanostructures in both layers set these tiny chompers apart from others' pearly whites.
Source: https://www.sciencenews.org/article/dragonfish-teeth-transparent-prey
Stanford Engineers Make Editing Video as Easy as Editing Text:
In television and film, actors often flub small bits of otherwise flawless performances. Other times they leave out a critical word. For editors, the only solution so far is to accept the flaws or fix them with expensive reshoots.
Imagine, however, if that editor could modify video using a text transcript. Much like word processing, the editor could easily add new words, delete unwanted ones or completely rearrange the pieces by dragging and dropping them as needed to assemble a finished video that looks almost flawless to the untrained eye.
A team of researchers from Stanford University, Max Planck Institute for Informatics, Princeton University and Adobe Research created such an algorithm for editing talking-head videos – videos showing speakers from the shoulders up.
The work could be a boon for video editors and producers but does raise concerns as people increasingly question the validity of images and videos online, the authors said. However, they propose some guidelines for using these tools that would alert viewers and performers that the video has been manipulated.
"Unfortunately, technologies like this will always attract bad actors," said Ohad Fried, a postdoctoral scholar at Stanford. "But the struggle is worth it given the many creative video editing and content creation applications this enables."
There is a video on YouTube explaining the technique and containing numerous examples.
So, given enough sample data, you can type a transcript of what you want said, and a "talking head" version of the samplee can be created showing them saying exactly that.
Previously: House Intelligence Committee to Hold Hearing on "Deepfakes"
Somebody's Watching You: The Surveillance of Self-Driving Cars:
Picture the future, where driving is a thing of the past. You can hop in your car or one from a ride-share, buckle up and tell the car where you want to go. During your ride, you can check your email and look up a few things online through your dashboard. Meanwhile, your whereabouts and other details are being tracked remotely by companies. As self-driving cars develop further, autonomous vehicles will play a much larger role in the digital economy as car companies and others harness personalized customer information through geospatial and navigation technologies, combining it with existing financial consumer profiles, according to a study in Surveillance and Society.
"Self-driving cars will represent a new mode for surveillance. Through a self-driving car's global positioning system, navigational tools, and other data collection mechanisms, companies will be able to gain access to highly contextual data about passengers' habits, routines, movements, and preferences," explained Luis F. Alvarez León, an assistant professor of geography at Dartmouth. "This trove of personal, locational, and financial data can be leveraged and monetized by companies, by providing a data-stream for companies to target customers through personalized advertising and marketing," he added.
[...] As self-driving car technologies develop, privacy and security concerns loom as to how companies will use personal data, an area for which the limits and specific governance mechanisms have yet to be defined by federal regulations.
Journal Reference:
Luis F Alvarez Leon. Eyes on the Road: Surveillance Logics in the Autonomous Vehicle Economy. Surveillance & Society, 2019; 17 (1/2): 198 DOI: 10.24908/ss.v17i1/2.12932
Submitted via IRC for Runaway1956
Where humans have the money, we sometimes build storm defenses like seawalls to protect our coastal cities. But coastal development can often destroy natural defenses like coastal marshes or mangrove swamps. These ecosystems dampen waves and reduce storm surge flooding, and mangroves can even reduce wind speeds.
The protections provided by coastal ecosystem services are typically estimated by carefully looking at a single area or event. A new study led by East Carolina University's Jacob Hochard took another tack, comparing the economic impacts of tropical cyclones around the world with satellite data.
[...] Measuring economic activity requires a little more ingenuity, as you can't just look at reported statistics for many of these countries. Fortunately, the intensity of nighttime lighting in any location is easily determined from space and has been shown to be a reliable indicator of economic activity. Basically, if an area is doing well economically, there will be more lights on at night there.
To find out how well mangrove swamps protect nearby communities, the researchers measured the change in lighting for the years after a tropical cyclone made landfall. They compared communities with the average mangrove extent and above-average communities at the 68th percentile (one standard deviation above the mean). Instead of about 6 meters of mangrove buffer, these communities had about 25 meters of mangrove.
[...] The researchers made sure that they weren't mistaking causation for mere correlation—like the economic recovery after a storm involving more clearing of mangroves if the economic damage was greater. But an interesting possibility they couldn't evaluate is that the presence of more extensive mangroves might make recovery seem like a safer investment. It could be that given the choice between a community that seems unprotected from future storms and one that has a good mangrove buffer, more post-disaster money might flow into the latter—a case of "perception is reality" on top of the physical reality of storm waves coming through the trees.