SoylentNews

Arthur T Knackerbracket has found the following story:

Russian authorities have arrested members of the TipTop cybercrime group, believed to have infected more than 800,000 Android smartphones with malware since 2015.

The group operated by renting Android banking trojans from underground hacking forums, which they later hid inside Android apps distributed via search engine ads and third-party app stores.

TipTop has been active since 2015, and operators have been making between $1,500 and $10,500 in daily profits, according to Group-IB, the cyber-security firm who helped Russian authorities track down the gang's members. The group's favorite malware was the Hqwar (Agent.BID) banking trojan, which they rented and used in most of their campaigns.

Hqwar is capable of reading SMS messages, recording phone calls, and initiating USSD-requests. However, it's primary function is to show fake login screens on top of legitimate banking apps, and steal victims' login credentials. Group-IB said TipTop temporarily stopped distributing Hqwar in 2016, when they experimented with its competitors, such as Asacub (Honli), Cron, and CatsElite (MarsElite), but returned to it in 2017 when they used it alongside the Lokibot and modernized Marcher (Rahunok) trojans.

[...] In 2017, Kaspersky ranked Hqwar as the fourth most popular Android malware. A year later, Kaspersky cited Hqwar as one of the root causes in the sudden jump in the number of Android mobile banking trojans, together with Asacub.

[...] While official documents or statements don't mention anything about the suspect collaborating with authorities, officials from the Russian Ministry of Internal Affairs said they also made other arrests with the information gathered from this case, while other suspects are under investigation.

Original Submission

upstart writes:

Submitted via IRC for Fnord666

Fresh images of HMS Terror shipwreck could clear up lingering mysteries

Parks Canada has released new images from the first underwater exploration of the shipwreck of the HMS Terror. The ongoing study of the shipwreck and its artifacts should shed more light on Captain Sir John S. Franklin's doomed Arctic expedition to cross the Northwest Passage in 1846. Franklin's two ships, the HMS Erebus and the HMS Terror, became icebound in the Victoria Strait, and all 129 crew members ultimately died. It's been an enduring mystery that has captured imaginations ever since. Novelist Dan Simmons immortalized the expedition in his 2007 horror novel, The Terror, which was later adapted into an anthology TV series for AMC in 2018. (Season 2 of the TV show, set in the Japanese internment camps of World War II, is currently airing.)

The Terror was actually a repurposed warship, having survived the War of 1812 among other skirmishes. The expedition set sail on May 19, 1845 and was last seen in July 1845 in Baffin Bay by the captains of two whaling ships. Historians have managed to piece together a reasonably credible rough account of what happened. The crew spent the winter of 1845-1846 on Beechey Island, where the graves of three crew members were found. When the weather cleared, the expedition sailed into the Victoria Strait before getting trapped in the ice off King William Island in September 1846. Franklin himself died on June 11, 1847, per a surviving note dated the following April. It's believed that everyone else died while encamped for the winter, or while attempting to walk back to civilization.

[...] The remains of the HMS Erebus were discovered by Parks Canada in September 2014, just west of O'Reilly Island, with the help of a remotely operated vehicle (ROV). Almost exactly two years later, an Arctic Research Foundation team found the wreck of the Terror, in Terror Bay, off the southern coast of King William Island, some 62 miles (100 km) from where historians had expected it to be. There had been rumors of sightings in the area, particularly from Inuit hunters, and one reported that he'd seen a mast jutting from the ice in that area a few years earlier. That proved to be the tip the foundation's team needed; it took them just 2.5 hours to locate the Terror.

[...] They captured footage not just of the exterior but also of the interior crew's cabins and captain's quarters. The team is especially excited about the latter location, since they expect to find preserved written documents, hopefully gleaning valuable information about the fate of the ship and her crew, along with details about their lives abroad the ship. They've already identified intact map cabinets, a tripod, and two thermometers. The only area they weren't able to explore were the captain's sleeping quarters.

Original Submission

martyb writes:

WordPress Sites Under Attack as Hacker Group tries to Create Rogue Admin Accounts":

The attacks are an escalation part of a hacking campaign that started last month. During previous attacks, the hackers exploited vulnerabilities in the same plugins to plant malicious code on the hacked sites. This code was meant to show popup ads or to redirect incoming visitors to other websites.

However, two weeks ago, the group behind these attacks changed its tactics. Mikey Veenstra, a threat analyst with cybersecurity firm Defiant, told ZDNet today that starting with August 20, the hacker group modified the malicious code planted on hacked sites.

Instead of just inserting pop-ups and redirects, the malicious code also ran a function in order to test if the site visitor had the ability to create user accounts on the site, a feature only available for WordPress admin accounts.

Basically, this malicious code waited for the site owner to access their own websites. When they did, the malicious code created a new admin account named wpservices, using the email address of wpservices@yandex.com, and password of w0rdpr3ss.

According to Veenstra, these recent attacks are targeting older vulnerabilities in the following plugins.

• Bold Page Builder
• Blog Designer
• Live Chat with Facebook Messenger
• Yuzo Related Posts
• Visual CSS Style Editor
• WP Live Chat Support
• Form Lightbox
• Hybrid Composer
• All former NicDark plugins (nd-booking, nd-travel, nd-learning, et. al.)

Follow the provided links to access up-to-date versions and then check to make sure you have no rogue admin-level accounts.

Original Submission

upstart writes:

Submitted via IRC for Carny

Forget single genes: CRISPR now cuts and splices whole chromosomes

Imagine a word processor that allowed you to change letters or words but balked when you tried to cut or rearrange whole paragraphs. Biologists have faced such constraints for decades. They could add or disable genes in a cell or even—with the genome-editing technology CRISPR—make precise changes within genes. Those capabilities have led to recombinant DNA technology, genetically modified organisms, and gene therapies. But a long-sought goal remained out of reach: manipulating much larger chunks of chromosomes in Escherichia coli, the workhorse bacterium. Now, researchers report they've adapted CRISPR and combined it with other tools to cut and splice large genome fragments with ease.

"This new paper is incredibly exciting and a huge step forward for synthetic biology," says Anne Meyer, a synthetic biologist at the University of Rochester in New York who was not involved in the paper published in this week's issue of Science. The technique will enable synthetic biologists to take on "grand challenges," she says, such as "writing of information to DNA and storing it in a bacterial genome or creating new hybrid bacterial species that can carry out novel [metabolic reactions] for biochemistry or materials production."

The tried and true tools of genetic engineering simply can't handle long stretches of DNA. Restriction enzymes, the standard tool for cutting DNA, can snip chunks of genetic material and join the ends to form small circular segments that can be moved out of one cell and into another. (Stretches of linear DNA don't survive long before other enzymes, called endonucleases, destroy them.) But the circles can accommodate at most a couple of hundred thousand bases, and synthetic biologists often want to move large segments of chromosomes containing multiple genes, which can be millions of bases long or more. "You can't get very large pieces of DNA in and out of cells," says Jason Chin, a synthetic biologist at the Medical Research Council (MRC) Laboratory of Molecular Biology in Cambridge, U.K.

[...] The new tools will bolster industrial biotechnology by making it easier to vary the levels of proteins that microbes make, Liu and others say. They also promise an easy way to rewrite bacterial genomes wholesale, Meyer adds. One such project aims to alter genomes so they can code not just for proteins' normal 20 amino acids, but also for large numbers of nonnatural amino acids throughout the genome. That could lead to synthetic life forms capable of producing molecules far beyond the reach of natural organisms.

Original Submission

upstart writes:

Submitted via IRC for Bytram

Venmo's Public Transactions Policy Stirs Privacy Concerns

In an open letter, the Mozilla Foundation and EFF scolded Venmo for its data privacy policies, which they say could open the door to stalking and spear-phishing.

Your simple $5 Venmo payment to a friend after splitting a pizza could easily expedite various malicious attacks, from stalking to spear-phishing, according to researcher concerns.

Many have weighed in on Venmo’s privacy practices, but the latest are Mozilla Foundation and the Electronic Frontier Foundation (EFF), which on Thursday blasted popular mobile transaction app for its data-privacy policies. The companies specifically pointed out the lack of privacy around Venmo transactions, which are public by default, and around public lists of users’ friends that they can interact with on the app, for which there is not even an option to hide.

Venmo, a mobile payment service owned by PayPal, is an app that enables friends on the app to pay or request payments from one another. The app’s popularity is not to be understated, with 40 million active users in 2019, and $12 billion in transactions on the platform in the first quarter of 2018.

In a Thursday joint public letter the Mozilla Foundation and EFF penned their concerns. “We are writing to express our deep concern about Venmo’s disregard for the importance of user privacy, and to call on Venmo to make two critical changes to its privacy settings: Make transactions private by default, and give users privacy settings for their friend lists,” the organizations said in their letter.

The plea to Venmo comes after the app’s privacy policies have been criticized by several researchers, who showed how they could scrape millions of Venmo payments – even if they don’t use the app.  That’s because Venmo utilizes a public API endpoint to return the data for its transaction feed –  meaning that anyone, even those not using the app, could make a GET request to see anyone else’s transactions.

[...] “The list of people with whom you exchange money paints a startlingly clear picture of the people who live, date and do business with you,” they said. “Just as Venmo has given users newsfeed privacy settings, it must give them, at a minimum, equivalent friend list privacy settings.”

Original Submission

Arthur T Knackerbracket has found the following story:

One of the most common brain cancers in children, Sonic Hedgehog (SHH) medulloblastoma, also is one of the more survivable for most kids. Unfortunately, for a subset of patients the cancer resists treatment and relapses with a vengeance to then turn deadly.

Researchers at Cincinnati Children's Hospital Medical Center used a powerful new computer-assisted technology called single-cell transcriptomics that measures thousands of individual cells simultaneously to map cell types and molecular cascades that drive the growth of SHH-medulloblastoma. In a study published Aug. 29 by the journal Cancer Cell, the scientists report they discovered new treatment strategies for the disease that may help patients fight a recurrent cancer.

Scientists used direct genetic manipulation to block genetic and molecular cascades they discovered in SHH-medulloblastoma tumors. The genetic-molecular block stopped the cancer growth and prevented relapse in tumor-forming laboratory mice, according Q. Richard Lu, PhD, a senior study investigator and scientific director of the Brain Tumor Center at Cincinnati Children's.

"Medulloblastoma is driven by a diverse group of cell types and molecular pathways that haven't been understood very well," said Lu. "But after identifying the molecular triggers and potential cells of origin for tumor initiation and recurrence, we determined from further testing that there are existing small molecule inhibitors that can target the oncogenic cascade pathways that cause SHH tumor initiation and recurrence."

The researchers developed their new data by subjecting SHH-medulloblastoma tumors in lab animals at various stages of tumor growth to single-cell transcriptomic analysis. The technique generated an extensive dataset that identifies the complete set of transcribed DNA sequences in every single cancer cell. The scan revealed that immature oligodendrocyte progenitor cells in the brain -- which can assume stem-cell-like qualities -- grow out of control to form medulloblastoma tumors and the molecular cascade that fuels recurring brain cancer.

Although additional preclinical research is need before clinical testing can be proposed for patients, the current study points to several molecular targets that respond to combined treatment with existing drugs, according to study co-lead author Xuelian He, MD, PhD, a former member of the Lu laboratory and now at Boston Children's Hospital. Combination therapies allow lower drug doses and improved drug tolerability for patients while achieving a certain level of therapeutic efficacy.

Liguo Zhang, et. al. Single-Cell Transcriptomics in Medulloblastoma Reveals Tumor-Initiating Progenitors and Oncogenic Cascades during Tumorigenesis and Relapse. Cancer Cell, 2019; DOI: 10.1016/j.ccell.2019.07.009

Original Submission

upstart writes in with a submission, via IRC, for SoyCow2718

Quantum radar has been demonstrated for the first time

One of the advantages of the quantum revolution is the ability to sense the world in a new way. The general idea is to use the special properties of quantum mechanics to make measurements or produce images that are otherwise impossible.

Much of this work is done with photons. But as far as the electromagnetic spectrum is concerned, the quantum revolution has been a little one-sided. Almost all the advances in quantum computing, cryptography, teleportation, and so on have involved visible or near-visible light.

Today that changes thanks to the work of Shabir Barzanjeh at the Institute of Science and Technology Austria and a few colleagues. This team has used entangled microwaves to create the world's first quantum radar. Their device, which can detect objects at a distance using only a few photons, raises the prospect of stealthy radar systems that emit little detectable electromagnetic radiation.

The device is simple in essence. The researchers create pairs of entangled microwave photons using a superconducting device called a Josephson parametric converter. They beam the first photon, called the signal photon, toward the object of interest and listen for the reflection.

In the meantime, they store the second photon, called the idler photon. When the reflection arrives, it interferes with this idler photon, creating a signature that reveals how far the signal photon has traveled. Voila—quantum radar!

Arthur T Knackerbracket has found the following story:

Researchers at the Fraunhofer Institute for Solar Energy Systems ISE have once again succeeded in raising the efficiency value of monolithic triple-junction solar cells made of silicon and III-V semiconductor materials. Using a combination of multiple absorber materials, these multi-junction photovoltaic cells exploit the energy from the solar spectrum significantly better than conventional silicon solar cells. The world record for a monolithic multi-junction solar cell manufactured by wafer bonding has been increased to 34.1% and an efficiency record of 24.3% achieved for a solar cell with the III-V semiconductor layers deposited directly on the silicon.

“Monolithic multi-junction solar cells are a source of hope for the further development of the silicon solar cells dominating the field today because they can lead to significantly higher efficiency values when converting sunlight into electrical power. We believe that we can achieve efficiency values of 36%, which would substantially exceed the physical limit of 29.4% offered by a pure silicon solar cell,” explains Dr. Andreas Bett, Institute Director of Fraunhofer ISE. The high efficiency allows for more output per surface area, thus creating a savings of solar cell and module materials — an important aspect in regard to the sustainability of photovoltaics.

Triple-junction solar cells made of III-V semiconductors and silicon have the potential to take photovoltaics to a new level of efficiency.

For the production of multi-junction photovoltaic cells, thin III-V semiconductor layers only a few micrometers thick are deposited on a silicon solar cell. In order to optimally exploit the sun’s rays, the different layers absorb light from different spectral ranges: gallium indium phosphide in the 300–660 nm range (visible light), aluminum gallium arsenide in the 600–840 nm range (near infrared light) and silicon in the 800–1200 nm range (long-wavelength light).

This enables significantly increased efficiencies compared to single-junction silicon solar cells. Like today’s conventional silicon solar cells, these cells each have a contact on the front and rear sides, which allows for easy integration in solar modules.

Original Submission

upstart writes in with a submission, via IRC, for SoyCow2718.

Apple iPhones Hacked by Websites Exploiting Zero-Day Flaws

Since at least 2016, hacked websites have targeted zero-day flaws in the latest versions of Apple iOS to surreptitiously hack iPhones, new research from Google shows.

The attack campaign has been revealed by Google's Project Zero team, which searches for zero-day flaws. It says the attack campaign was used to infect iOS devices with an implant - aka malware - that could steal private data, including photos and messages in Telegram, iMessages and Gmail, as well as send GPS data to a command-and-control server for tracking users in real time, provided they're online.

"Earlier this year Google's Threat Analysis Group discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day," Ian Beer of the Project Zero team says in a blog post published Thursday.

"There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant," he says. "We estimate that these sites receive thousands of visitors per week."

[...] Google reported two serious flaws - CVE-2019-7287 & CVE-2019-7286 - to Apple on Feb. 1, setting a seven-day deadline before releasing them publicly, since they were apparently still zero-day vulnerabilities as well as being used in active, in-the-wild attacks.

Apple patched the flaws via iOS 12.1.4, released on Feb. 7, together with a security alert.

Arthur T Knackerbracket has found the following story:

Researchers at the German Center for Neurodegenerative Diseases (DZNE) and the Institute for Stroke and Dementia Research (ISD) at the University Hospital of the Ludwig-Maximilians-Universität (LMU) in Munich have found that a protein called TREM2 could positively influence the course of Alzheimer's disease. When TREM2 is present in the cerebrospinal fluid at higher concentrations, patients at any stage of the disease have a better prognosis. This observation provides a starting point for the development of new therapeutic strategies. The study was led by Prof. Christian Haass (DZNE) and Prof. Michael Ewers (ISD, LMU) and is published in the journal “Science Translational Medicine”.

[...] In previous studies on mice, Haass and his colleagues demonstrated that TREM2 activates microglia to enclose and selectively destroy toxic protein aggregates typical for Alzheimer’s disease. “These observations indicate that TREM2 can protect the brain from the degenerative effects of the disease – at least in animal models,” said Haass.

[...using] data of 385 subjects from the Alzheimer's Disease Neuroimaging Initiative (ADNI), a large clinical dataset containing records and samples from patients and healthy seniors taken at regular checkups over many years. The study thus allows to establish associations between certain biochemical changes and disease progression.

Indeed, Haass and Ewers found that high levels of TREM2 improved the prognosis of subjects at all stages of the disease. Their memory remained more stable and the degradation of the hippocampus, a brain region responsible for learning and recollection, was less pronounced.

“Our findings are clinically relevant because we found that higher levels of TREM2 were associated also with a reduced rate of the development of full blown dementia over a time period up to 11 years”, explained Ewers. “Microglia activation is a double-edged sword, entailing both protective effects and neurotoxic inflammation. TREM2 signaling may play a key role in the regulation of the brain’s protective immune response”.

Increased soluble TREM2 in cerebrospinal fluid is associated with reduced cognitive and clinical decline in Alzheimer’s disease; Michael Ewers, Nicolai Franzmeier, Marc Suárez-Calvet et al.; Science Translational Medicine (2019); DOI: 10.1126/scitranslmed.aav6221

Original Submission

rob_on_earth writes:

https://www.theregister.co.uk/2019/08/28/gimp_open_source_image_editor_forked_to_fix_problematic_name/

(Emphasis in original. --Ed.)

GIMP is a longstanding project, first announced in November 1995. The name was originally an acronym for General Image Manipulation Program but this was changed to GNU Image Manipulation Program.

The new fork springs from a discussion on Gitlab, where the source code is hosted. The discussion has been hidden but is available on web archives here. A topic titled "Consider renaming GIMP to a less offensive name," opened by developer Christopher Davis, stated:

I'd like to propose renaming GIMP, due to the baggage behind the name. The most modern and often used version of the word "gimp" is an ableist insult. This is also the colloquial usage of the word. In addition to the pain of the definition, there's also the marketability issue. Acronyms are difficult to remember, and they end up pronounced instead of read as their parts. "GIMP" does not give a hint towards the function of the app, and it's hard to market something that's either used as an insult or a sex reference.

[...] The subject of the suitability of the name is not new, and is enshrined in the official FAQ:

"I don't like the name GIMP. Will you change it?"

With all due respect, no. We've been using the name GIMP for more than 20 years and it's widely known ... on top of that, we feel that in the long run, sterilization of language will do more harm than good. ... Finally, if you still have strong feelings about the name "GIMP", you should feel free to promote the use of the long form GNU Image Manipulation Program or maintain your own releases of the software under a different name.

The Glimpse project is therefore entirely within the spirit of open source. "We believe free software should be accessible to everyone, and in this case a re-brand is both a desirable and very straightforward fix that could attract a whole new generation of users and contributors," says the About page.

Is now the time to accept that, to get GIMP into the mainstream, it needs a rename?

Original Submission

martyb writes:

Noted security researcher Bruce Schneier brings word of a recent paper noting deficiencies in the idea of a "trusted enclave" that will only run trustworthy code.

From the abstract to the paper on arXiv: "Practical Enclave Malware with Intel SGX."

Abstract: Modern CPU architectures offer strong isolation guarantees towards user applications in the form of enclaves. For instance, Intel's threat model for SGX assumes fully trusted enclaves, yet there is an ongoing debate on whether this threat model is realistic. In particular, it is unclear to what extent enclave malware could harm a system. In this work, we practically demonstrate the first enclave malware which fully and stealthily impersonates its host application. Together with poorly-deployed application isolation on personal computers, such malware can not only steal or encrypt documents for extortion, but also act on the user's behalf, e.g., sending phishing emails or mounting denial-of-service attacks. Our SGX-ROP attack uses new TSX-based memory-disclosure primitive and a write-anything-anywhere primitive to construct a code-reuse attack from within an enclave which is then inadvertently executed by the host application. With SGX-ROP, we bypass ASLR, stack canaries, and address sanitizer. We demonstrate that instead of protecting users from harm, SGX currently poses a security threat, facilitating so-called super-malware with ready-to-hit exploits. With our results, we seek to demystify the enclave malware threat and lay solid ground for future research on and defense against enclave malware.

The full paper is available as a pdf file.

Original Submission

upstart writes:

Submitted via IRC for SoyCow2718

Biohackers are pirating a cheap version of a million-dollar gene therapy (archive)

Citing the tremendous cost of new drugs, an international group of biohackers say they are creating a knock-off of a million-dollar gene therapy. The drug being copied is Glybera, a gene therapy that was the world's most expensive drug when it came on the market in Europe in 2015 with a $1 million per treatment price tag. Glybera was the first gene therapy ever approved to treat an inherited disease.

Now a band of independent and amateur biologists say they have engineered a prototype of a simpler, low-cost version of Glybera, and they plan to call on university and corporate scientists to help them check, improve, and test it on animals.

The group says it will start sharing the materials and describe their activities this weekend at Biohack the Planet, a conference in Las Vegas that hosts citizen scientists, journalists, and researchers for two days of presentations on body implants, biosafety, and hallucinogens. "This was developed in a shed in Mississippi, a warehouse in Florida, a bedroom in Indiana, and on a computer in Austria," says Gabriel Licina, a biohacker based in South Bend, Indiana. He says the prototype gene therapy cost less than $7,000 to create.

Experts briefed on the biohacking project were divided, with some calling it misguided and unlikely to work. Others say the excessive cost of genetic treatments has left patients without options and created an incentive to pirate genetic breakthroughs.

Original Submission

[Seconding-Ed note: This story is likely to be contentious. In the interests of helping set the tone, I would like to start off by quoting H.L. Mencken:

The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all.

Further, this quote which has appeared in various phrasings and attributions:

I disapprove of what you say, but I will defend to the death your right to say it.

To mind's eye, I must be willing to accept against my own words and actions any that I would wish to see imposed upon another. --martyb]

YouTube Restores Far-Right Channels After Appeal

Arthur T Knackerbracket has found the following story:

*SPOILER* (click to show) *SPOILER* (click to hide)

The channels of two prominent far-right YouTubers have been re-instated after the video-sharing site said it made a mistake in removing them. Initially, YouTube gave no reason for changing its decision and just said it had made a "wrong call". Later, it said that while many people found the channels "deeply offensive", they had not broken its rules. The decision came days after YouTube's chief executive said YouTube had to be open to hosting "controversial" ideas.

YouTube removed several channels and accounts this week, claiming they had broken its hate speech policies. Among them was a channel run by white nationalist Martin Sellner and an anonymous British YouTuber known as The Iconoclast. Mr Sellner was reportedly in contact with the man who allegedly carried out the Christchurch mosque shootings in March this year that killed 51 people. Austrian police are investigating his links to the attack. He denies any involvement in the shooting.

Both men protested about the closure of their YouTube channels on social media. They shared information sent to them from YouTube, which said they had "repeatedly" broken its guidelines. On Thursday, YouTube reversed its decision and reinstated the two channels. Several other far-right channels that YouTube banned this week remain unavailable.

An explanation for the change of heart came on Friday. Farshad Shadloo, YouTube's global product policy communications lead, said that after a "thorough review" it had decided that the channels had not broken its rules. "We realise that many may find the viewpoints expressed in these channels deeply offensive," he said. Mr Shadloo added that YouTube had recently updated the way it handled "hateful content".

Earlier this week YouTube boss Susan Wojcicki wrote in a letter to video-makers that YouTube must remain an "open platform". She said the desire to welcome all kinds of views had to be balanced against a "responsibility to protect the community".

"A commitment to openness is not easy. It sometimes means leaving up content that is outside the mainstream, controversial or even offensive," she said. "Hearing a broad range of perspectives ultimately makes us a stronger and more informed society," she claimed.

'I am Talking Directly to You': US Attorney Delivers Powerful Rebuke to White Nationalists

aristarchus writes:

*SPOILER* (click to show) *SPOILER* (click to hide)

ABC News:

The U.S. attorney for the Northern District of Ohio on Thursday announced new federal charges against a self-avowed white nationalist accused of threatening to commit an attack on a local Jewish community center. James Reardon, who attended the 2017 Unite the Right rally in Charlottesville, Virginia, was arrested last week after authorities said he posted the threat on Instagram. U.S. Attorney Justin Herdman said Reardon has now been charged with one count of making threats as authorities continue their investigation into Reardon and whether he my have any accomplices.

Of course, not so much that, but what Herdman said after that.

"I am talking directly to you," Herdman said at a news conference announcing the charges. "The Constitution protects your right to speak, your right to think, and your right to believe. If you want to waste the blessings of liberty by going down a path of hatred and failed ideologies, that is your choice."

Herdman continued, evoking the sacrifices made by U.S. service members in World War II against Nazism, as well as those who marched for civil rights throughout U.S. history.

"Thousands and thousands of young Americans already voted with their lives to ensure that this same message of intolerance, death, and destruction would not prevail - you can count their ballots by visiting any American cemetery in North Africa, Italy, France, or Belgium and tallying the white headstones," Herdman said. "You can also recite the many names of civil rights advocates who bled and died in opposing supporters of those same ideologies of hatred. Their voices may be distant, but they can still be heard."

"The Constitution may give you a voice, but it doesn't guarantee you a receptive audience," Herdman added.

Original Submission #1  Original Submission #2 

Arthur T Knackerbracket has found the following story:

Security shop Egress studied 4,856 personal data breach reports collected from the UK Information Commissioner's Office, and found that in 60 per cent of the incidents, someone within the affected biz was at fault.

Further breaking down human error, it was found that 43 per cent of the data leaks were caused by incorrect disclosure, such as someone sending a file to the wrong person or the wrong file to the right person or persons. For example, 20 per cent of the exposures were caused by faxing a file to the wrong person, and 18 per cent were caused by typing the wrong address into an email field or failing to use bcc and exposing every recipient.

[...] In other words, the biggest threat to your company's data security is you or a colleague. For every exotic APT operation that gets reported, there are four companies done in by someone fat-fingering a fax machine or clicking the wrong file to attach to an email.

"All too often, organizations fixate on external threats, while the biggest cause of breaches remains the fallibility of people and an inherent inability of employees to send emails to the right person," Egress CEO Tony Pepper said of the findings.

[...] None of this is to say that admins should neglect external security entirely. A quick perusal of the California Attorney General's disclosure list shows that four of the five most recently reported data leaks, including the massive Capital One theft, were in fact down to third-party hackers or malware infections. ®

Original Submission