SoylentNews

takyon writes:

Microsoft Issues Statement In Support of Epic Games To Remain On Apple Ecosystem

Earlier this afternoon, Microsoft's Executive Vice President of Gaming Phil Spencer issued a statement on Twitter declaring a desire for ongoing support for Unreal Engine within the Apple ecosystem. With many developers opting to use Unreal Engine over other proprietary development tools, suddenly shutting off access to an entire marketplace for gaming could have a huge impact with bifurcating mobile gaming in general.

The statement released today was prepared by Kevin Gammill, the General Manager for Gaming Developer Experiences for Microsoft. Kevin declared that the Unreal Engine provided by Epic Games, if not kept available on the Apple App Store for developers, would require Microsoft "to choose between abandoning its customers and potential customers on the iOS and macOS plattforms or choosing a different game engine when preparing to develop new games."

Previously: Fortnite Maker Sues Apple after Removal of Game From App Store
Epic-Apple Feud Could Also Affect Third-Party Unreal Engine Games

Original Submission

upstart writes in with an IRC submission for nutherguy:

The Weather Channel app settles suit over selling location data - 9to5Mac:

IBM and the Los Angeles city attorney's office have settled a privacy lawsuit brought after The Weather Channel app was found to be selling user location data without proper disclosure. The lawsuit was filed last year, at which point the app had 45 million active users.

[...] The dispute centers on how users were informed. iOS requires apps to use a permission request system built into iOS, and they must specify the reason they want location access. However, the text is provided by the app, and The Weather Channel text said only that it was to provide local forecasts and alerts.

[...] It made no mention of the fact that user location data would also be sold. Despite this, IBM claimed that it was 'transparent' about what it was doing with the data.

[...] The reality, however, was that this disclosure was made only within a 10,000 word privacy policy that it knew almost nobody ever reads.

Additional coverage at TheVerge, threatpost, and NBC Los Angeles.

Original Submission

upstart writes in with an IRC submission:

Facebook AI produces accurate MRI images 4 times faster than current tech:

Two years ago a team of radiologists from the New York University Grossman School of Medicine joined forces with Facebook's Artificial Intelligence Research (FAIR) group to try and develop a neural network that can produce effective MRI scans from as little data as possible.

[...] The collaborative project, called fastMRI, produced an AI model that can generate detailed MRI images from a quarter of the data traditionally needed. However, as outlined in a blog post penned by the Facebook AI team, creating accurate MRI images was only the first step for the researchers.

"Generating an accurate image isn't the only challenge," the Facebook team writes. "The AI model must also create images that are visually indistinguishable from traditional MRI images. Radiologists spend many hours carefully analyzing these images and an unfamiliar look and feel could make radiologists less likely to adopt fastMRI in their practices."

[...] "This study is an important step toward clinical acceptance and utilization of AI-accelerated MRI scans because it demonstrates for the first time that AI-generated images are essentially indistinguishable in appearance from standard clinical MRI exams and are interchangeable in regards to diagnostic accuracy," says lead author on the new study, Michael Recht. "This marks an exciting paradigm shift in how we are able to improve the patient experience and create images."

The results produced by the fastMRI project are open source, so the research team is hoping MRI hardware vendors can begin rapidly incorporating the new algorithms into their products. The innovation should also be easily incorporated over the next few years into pre-existing MRI hardware currently in hospitals, making patient experiences more comfortable while expanding MRI access to a greater number of people.

Journal Reference:
Michael P. Recht, MD, et. al., Using Deep Learning to Accelerate Knee MRI at 3T: Results of an Interchangeability Study, American Journal of Roentgenology (DOI: 10.2214/AJR.20.23313)

Original Submission

upstart writes in with an IRC submission for nutherguy:

Japan: See-through public toilets open in Tokyo parks:

Transparent public toilets which light up "like a beautiful lantern" have been installed in Tokyo.

The see-through loos have opened in two parks in Shibuya, a commercial part of the Japanese capital which is renowned for its shopping facilities and quality of nightlife.

The toilets use coloured "smart glass" which turns opaque when they are occupied.

The glass technology has been used so people can identify whether the toilet is clean - and if anyone is currently inside.

Users have already said how, once inside the toilet, they cannot tell if the glass is opaque or not - giving them the strange feeling they are on display while spending a penny.

[...] There are plans to open more of the transparent toilets across the same neighbourhood by next spring.

Original Submission

upstart writes in with an IRC submission for nutherguy:

FBI and CISA warn against surge in voice phishing campaigns:

Authorities saw an uptick in voice phishing (or "vishing") campaigns after the pandemic forced companies to implement work-from-home arrangements. That's what the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have revealed in their joint cybersecurity advisory (PDF), which offers companies and end users a list of tips on how they can protect themselves against the scheme.

Part of the advisory reads:

"The COVID-19 pandemic has resulted in a mass shift to working from home, resulting in increased use of corporate VPN and elimination of in-person verification, which can partially explain the success of this campaign. Prior to the pandemic, similar campaigns exclusively targeted telecommunications providers and internet service providers with these attacks but the focus has recently broadened to more indiscriminate targeting."

The advisory was published shortly after Krebs on Security reported that a group of cybercriminals has been marketing a vishing service that uses custom phishing sites and social engineering techniques to steal VPN credentials from employees. While the agencies didn't confirm the report, they said that cybercriminals started a vishing campaign in mid-July 2020. They also described a scheme similar to what Krebs reported: bad actors registered domains using target companies' names and then duplicated their internal VPN login pages. The criminals used VoIP numbers at first but later started using spoofed numbers of victims' workmates and other offices within their company.

Original Submission

upstart writes in with an IRC submission for nutherguy:

New P2P botnet infects SSH servers all over the world:

Researchers have found what they believe is a previously undiscovered botnet that uses unusually advanced measures to covertly target millions of servers around the world.

The botnet uses proprietary software written from scratch to infect servers and corral them into a peer-to-peer network, researchers from security firm Guardicore Labs reported on Wednesday. P2P botnets distribute their administration among many infected nodes rather than relying on a control server to send commands and receive pilfered data. With no centralized server, the botnets are generally harder to spot and more difficult to shut down.

"What was intriguing about this campaign was that, at first sight, there was no apparent command and control (CNC) server being connected to," Guardicore Labs researcher Ophir Harpaz wrote. "It was shortly after the beginning of the research when we understood no CNC existed in the first place."

Original Submission

upstart writes in with an IRC submission for nutherguy:

A Fleet of Computers Helps Settle a 90-Year-Old Math Problem:

A team of mathematicians has finally finished off Keller's conjecture, but not by working it out themselves. Instead, they taught a fleet of computers to do it for them.

Keller's conjecture, posed 90 years ago by Ott-Heinrich Keller, is a problem about covering spaces with identical tiles. It asserts that if you cover a two-dimensional space with two-dimensional square tiles, at least two of the tiles must share an edge. It makes the same prediction for spaces of every dimension—that in covering, say, 12-dimensional space using 12-dimensional "square" tiles, you will end up with at least two tiles that abut each other exactly.

Over the years, mathematicians have chipped away at the conjecture, proving it true for some dimensions and false for others. As of this past fall, the question remained unresolved only for seven-dimensional space.

But a new computer-generated proof has finally resolved the problem. The proof, posted online last October, is the latest example of how human ingenuity, combined with raw computing power, can answer some of the most vexing problems in mathematics.

The authors of the new work—Joshua Brakensiek of Stanford University, Marijn Heule and John Mackey of Carnegie Mellon University, and David Narváez of the Rochester Institute of Technology—solved the problem using 40 computers. After a mere 30 minutes, the machines produced a one-word answer: Yes, the conjecture is true in seven dimensions. And we don't have to take their conclusion on faith.

The answer comes packaged with a long proof explaining why it's right. The argument is too sprawling to be understood by human beings, but it can be verified by a separate computer program as correct.

In other words, even if we don't know what the computers did to solve Keller's conjecture, we can assure ourselves they did it correctly.

Original Submission

hendrikboom writes:

Researchers at the Cornell and the Technische Univerität Berlin and Cornell have studied the problem that more popular items get priority in search results, creating a positive feedback loop that unfairly deprecates other, equally valuable items.

Rankings are the primary interface through which many online platforms match users to items (e.g. news, products, music, video). In these two-sided markets, not only the users draw utility from the rankings, but the rankings also determine the utility (e.g. exposure, revenue) for the item providers (e.g. publishers, sellers, artists, studios). It has already been noted that myopically optimizing utility to the users – as done by virtually all learning-to-rank algorithms – can be unfair to the item providers. We, therefore, present a learning-to-rank approach for explicitly enforcing merit-based fairness guarantees to groups of items (e.g. articles by the same publisher, tracks by the same artist). In particular, we propose a learning algorithm that ensures notions of amortized group fairness, while simultaneously learning the ranking function from implicit feedback data. The algorithm takes the form of a controller that integrates unbiased estimators for both fairness and utility, dynamically adapting both as more data becomes available. In addition to its rigorous theoretical foundation and convergence guarantees, we find empirically that the algorithm is highly practical and robust.

Journal Reference:
Marco Morik, Ashudeep Singh, Jessica Hong, and Thorsten Joachims. 2020. Controlling Fairness and Bias in Dynamic Learning-to-Rank. In Proceedings of the 43rd International ACM SIGIR Conference on Research and Development in Information Retrieval (SIGIR '20), July 25–30, 2020, Virtual Event, China. ACM, NewYork, NY, USA. DOI: https://doi.org/10.1145/3397271.3401100

Maybe this, if deployed widely, can help reduce the tendencies for discourse to develop isolated silos.

Original Submission

upstart writes in with an IRC submission:

Microsoft Put Off Fixing Zero Day for 2 Years:

One of the 120 security holes Microsoft fixed on Aug. 11's Patch Tuesday was CVE-2020-1464, a problem with the way every supported version of Windows validates digital signatures for computer programs.

Code signing is the method of using a certificate-based digital signature to sign executable files and scripts in order to verify the author's identity and ensure that the code has not been changed or corrupted since it was signed by the author.

Microsoft said an attacker could use this "spoofing vulnerability" to bypass security features intended to prevent improperly signed files from being loaded. Microsoft's advisory makes no mention of security researchers having told the company about the flaw, which Microsoft acknowledged was actively being exploited.

In fact, CVE-2020-1464 was first spotted in attacks used in the wild back in August 2018. And several researchers informed Microsoft about the weakness over the past 18 months.

Bernardo Quintero is the manager at VirusTotal, a service owned by Google that scans any submitted files against dozens of antivirus services and displays the results. On Jan. 15, 2019, Quintero published a blog post outlining how Windows keeps the Authenticode signature valid after appending any content to the end of Windows Installer files (those ending in .MSI) signed by any software developer.

[...] "In short, an attacker can append a malicious JAR to a MSI file signed by a trusted software developer (like Microsoft Corporation, Google Inc. or any other well-known developer), and the resulting file can be renamed with the .jar extension and will have a valid signature according Microsoft Windows," Quintero wrote.

[Emphasis from original retained.]

Original Submission

upstart writes in with an IRC submission:

Covid-19 Data Will Once Again Be Collected by CDC, in Policy Reversal :

The U.S. Department of Health and Human Services is reversing course on a change to the way hospitals report critical information on the coronavirus pandemic to the government, returning the responsibility for data collection to the Centers for Disease Control and Prevention.

Deborah Birx, the White House's coronavirus coordinator, told hospital executives and government officials in Arkansas this week that the current system under which hospitals report new cases is "solely an interim system" and that the reporting would soon go back to the CDC.

"CDC is working with us right now to build a revolutionary new data system so it can be moved back to the CDC, and they can have that regular accountability with hospitals relevant to treatment and PPE," Dr. Birx said, referring to personal protective equipment used by doctors and nurses.

The reversal comes after increasing reports that the new system has been plagued by delays and inconsistencies in data since being implemented in July. Among other things, certain key statistics, such as inpatient beds occupied by Covid-19 patients, were updated only once a week, rather than daily or multiple times a week, as under the CDC system.

Original Submission

An Anonymous Coward writes:

After Legal Win, What's Next for Magic Mushrooms?:

On August 4, Canada's Health Minister Patty Hajdu granted, by way of a Section 56 of the Controlled Drugs and Substances Act, permission for four terminally-ill Canadians to consume psychedelic drugs. The decision comes after months of careful maneuvering by TheraPsil, a Canadian non-profit seeking to treat end-of-life distress with psilocybin, the active ingredient in magic mushrooms.

Dr. Bruce Tobin, a B.C.-based psychotherapist and TheraPsil's founder and chair, called the decision a game-changer. "It will contribute a whole new class of pharmacological tools and resources to the profession," he said. "Those of us who have been veterans in the field of clinical psychology understand all too well that there's just a very wide range of patient cases that the state-of-the-art isn't up to treating very well."

While the current exemption applies only to the approved patients seeking treatment for end-of-life anxiety and depression, TheraPsil's ultimate goal is legalized clinical access to medical-grade psilocybin within Canada's existing public healthcare framework.

[...] So far, the most credible applications of psychedelic medicine appear in the therapeutic treatments foregrounded by groups like TheraPsil. In Oregon, voters will see statewide access to legalized psilocybin therapy as an item on the November ballot. The Yes On IP34 initiative is petitioning the Oregon Health Authority to create a licensing system that regulates the use of psilocybin by trained practitioners. The movement is spearheaded by Tom and Sheri Eckert, husband-and-wife therapists and founders of the Oregon Psilocybin Society. "Psilocybin therapy is not a panacea," says Sheri, "but it's pretty unique in its potential to address a spectrum of mental health issues like depression, anxiety, and some addictions."

Original Submission

An Anonymous Coward writes:

Japan Animation Leaders Unite for YouTube Initiative:

Toei Animation, Kodansha and other anime content providers have banded together to start a channel on YouTube. The goal is to have 30 companies providing 3,000 anime titles by 2022, with the number of views per month reaching 300 million.

Called Animelog, or Anilog, the channel was launched Friday by Analyzelog, a company that supports corporate digital strategies. The target audience for the channel is currently local, but there are also plans to add sub-titled content in English and Chinese for overseas fans.

[...] "There exists a problem of illegal video distribution service these days, but "AnimeLog" will distribute only officially-licensed animations and operate as a safe channel that families can enjoy together," said Analyzelog in a statement.

Currently, the AnimeLog アニメログ channel has 225k subscribers with no content.

Original Submission

upstart writes in with an IRC submission for RandomFactor:

China Is Approaching the Release of Digital Yuan by Expanding its Trials:

As the idea of issuing the Central Bank Digital Currency (CBDC) is gaining traction worldwide, China makes practical steps to make their digital yuan release closer. Now, the country is going to expand its trials to test the CBDC potential on a larger scale.

CoinIdol, a world blockchain news outlet, has reported the start of the first digital yuan trials back in spring 2020. Initially, it covered four locations across the country: the cities of Chengdu, Suzhou, Shenzhen, and Xiong'An. It included major commercial banks of the country as well as some well-known global brands such as McDonald's and Starbucks.

Now, as the Wall Street Journal reports, the People's Bank of China (PBoC) plans on expanding the pilot's area to the country's major cities and provinces including Beijing, the provinces of Tianjin and Hebei, the Yangtze River Delta region, and the Guangdong-Hong Kong-Macao Greater Bay Area.

The expansion is mostly targeted at checking the operation of the CBDC on a larger scale, as well as shaping of final policies before the full-fledged launch. However, the PBoC haven't provided any specific date of the expansion start, as well as the planned launch. At the same time, the institution stated that final policy-shaping is expected to be completed before the end of 2020, so the expansion is likely to start in the days ahead.

[...] The launch of the digital yuan can potentially make China the world's strongest economy, thus giving it a chance to combat the US hegemony in the world. That is why the country is very unlikely to take too long with expanding its CBDC trials as well as finishing all development processes.

Also At:
China Expands Digital Cash Pilot Program:

Original Submission #1  Original Submission #2 

upstart writes in with an IRC submission:

AWS Cryptojacking Worm Spreads Through the Cloud:

A cryptomining worm from the group known as TeamTNT is spreading through the Amazon Web Services (AWS) cloud and collecting credentials. Once the logins are harvested, the malware logs in and deploys the XMRig mining tool to mine Monero cryptocurrency.

According to researchers at Cado Security, the worm also deploys a number of openly available malware and offensive security tools, including "punk.py," a SSH post-exploitation tool; a log cleaning tool; the Diamorphine rootkit; and the Tsunami IRC backdoor.

It is, they said, the first threat observed in the wild that specifically targets AWS for cryptojacking purposes. However, it also carries out more familiar fare.

"The worm also steals local credentials, and scans the internet for misconfigured Docker platforms," according to a Monday posting. "We have seen the attackers...compromise a number of Docker and Kubernetes systems."

[...] Cado researchers suggested that to thwart such attacks, businesses should identify which systems are storing AWS credential files and delete them if they aren't needed. Also, review network traffic for any connections to mining pools or those sending the AWS credentials file over HTTP; and, use firewall rules to limit any access to Docker APIs.

Original Submission

takyon writes:

TikTok plans to sue Trump administration over US ban

TikTok plans to sue the Trump administration over its executive order banning transactions between U.S. companies and the popular video-sharing app as well as its Chinese parent company, ByteDance.

"Even though we strongly disagree with the Administration's concerns, for nearly a year we have sought to engage in good faith to provide a constructive solution," a TikTok spokesperson told The Hill. "What we encountered instead was a lack of due process as the Administration paid no attention to facts and tried to insert itself into negotiations between private businesses," the spokesperson continued. "To ensure that the rule of law is not discarded and that our company and users are treated fairly, we have no choice but to challenge the Executive Order through the judicial system," the spokesperson added.

Also at NYT and Business Insider.

Previously: Bytedance: The World's Most Valuable Startup
Lawmakers Ask US Intelligence to Assess If TikTok is a Security Threat
TikTok and 53 Other iOS Apps Still Snoop Your Sensitive Clipboard Data
India Bans TikTok, WeChat, and Other Chinese-Owned Apps
President Trump Threatens TikTok Ban, Microsoft Considers Buying TikTok's U.S. Operations[Updated 2]
TikTok: Trump Will Prohibit Transactions with Bytedance Beginning September 20

Original Submission