The Linkielist

Linking ideas with the world


About Robin Edgar


Oracle facing class action over ‘brokering’ personal data of 5 billion people

Oracle is the subject of a class-action suit alleging the software giant created a network containing personal information of hundreds of millions of people and sold the data to third parties.

The case [PDF] is being brought by Johnny Ryan, formerly a policy officer at Brave, maker of the privacy-centric browser, and now part of the Irish Council for Civil Liberties (ICCL), who was behind several challenges to Google, Amazon, and Microsoft’s online advertising businesses.

The ICCL claims Oracle has amassed detailed dossiers on 5 billion people which generates $42.4 billion in annual revenue.

The allegations appear to be based, in part, on an Oracle presentation from 2016 in which Oracle CTO and founder Larry Ellison described how data was collected so businesses could predict purchasing patterns among consumers.

Ellison said at the time [1:15 onward]: “It is a combination of real-time looking at all of their social activity, real-time looking at where they are including, micro-locations – and this is scaring the lawyers [who] are shaking their heads and putting their hands over their eyes – knowing how much time you spend in a specific aisle of a specific store and what is in that aisle of a store. As we collect information about consumers and you combine that with their demographic profile, and their past purchasing behavior, we can do a pretty good job of predicting what they’re going to buy next.”

The ICCL claims Oracle’s dossiers about people include names, home addresses, emails, purchases online and in the real world, physical movements in the real world, income, interests and political views, and a detailed account of online activity.

[…]

Source: Oracle facing class action over ‘brokering’ personal data • The Register

Smartphone gyroscopes and LED threaten air-gapped systems

[…]

A pair of preprint papers from Mordechai Guri, head of R&D at Ben-Gurion University’s Cyber Security Research Labs, detail new methods for transmitting data ultrasonically to smartphone gyroscopes and sending Morse code signals via LEDs on network interface cards (NICs).

Dubbed Gairoscope and EtherLED respectively, the two exploits are the latest in a long line of research from Guri, who has previously developed air gap exfiltration methods, including stealing data by reading the radio frequency of networking cables, using RAM buses to transmit data electromagnetically, and doing the same with power supplies.

[…]

The problem with phone gyroscopes is that, unlike microphones that are generally visibly activated, gyroscopes can be “used by many types of applications to ease the graphical interfaces, and users may approve their access without suspicion,” Guri wrote in the paper.

Additionally, Guri cites a lack of visual indicator in iOS and Android that the gyroscope is being used and the fact that smartphone gyroscopes can be accessed from a browser using JavaScript, meaning – in theory – that no actual malware need be installed on the device to execute the attack.

Using his method, Guri was able to achieve speeds of up to eight bits per second at a max distance of eight meters, which the paper claims is faster than other established covert acoustic methods. Guri demonstrated the attack in a video showing an Android app detecting and decoding a message typed on a computer monitor within a few seconds of it being typed.

NICing data from LEDs

The second attack Guri reported on was EtherLED, which uses the familiar green-and-amber lights on network interface cards to transmit data in Morse code. As opposed to similar attacks that rely on exploiting lights on keyboards, hard drives and the brightness of monitors, Guri said Ethernet LEDs are “a threat that has not been studied before, theoretically or technically.”

In this case, the lights being used are the novel element. As with other optical exfiltration techniques, EtherLED requires a visual line of sight, and as such is limited by the placement of existing hackable cameras that can spot the infected NIC and whether the lights face an outside window where someone could place a drone or other camera capable of picking up the blinks and decoding them.

Additionally, mitigations like covering NIC lights with black tape still apply.

[…]

It’s easy to dismiss attacks against air-gapped systems as rare instances targeted against specific types of targets. While uncommon, attacks against such systems can be devastating.

[…]

Guri cites Stuxnet, a joint operation between the US and Israel to destroy Iranian nuclear enrichment systems, as a successful air gap infiltration. In addition, “several attacks on air-gapped facilities such as the power utilities and nuclear power plants have been publicized in recent years,” Guri wrote.

[…]

Source: Smartphone gyroscopes threaten air-gapped systems • The Register

Hackers Use Deepfakes of Binance Exec to Scam Crypto Projects

Binance Chief Communications Officer Patrick Hillmann wrote in a blog post last week that internet scammers had been using deepfake technology to copy his image during video meetings. He started to catch on to this trend when he received messages from the leadership of various crypto projects thanking him for meetings he never attended.

Hillmann shared one screenshot of messages sent over LinkedIn with one supposed project leader telling the Binance exec somebody had impersonated his hologram. The communications officer wrote that a team of hackers had used old interviews found online to create a deepfake of him. Hillmann added that “Other than the 15 pounds that I gained during COVID being noticeably absent, this deep fake was refined enough to fool several highly intelligent crypto community members.”

[…]

Source: Hackers Use Deepfakes of Binance Exec to Scam Crypto Projects

Oktatapus Hack Stole 10,000 Logins From 130 Different Orgs

Researchers say that a mysterious “threat actor” (a fancy term for a hacker or hacker group) has managed to steal nearly 10,000 login credentials from the employees of 130 organizations, in the latest far-reaching supply chain attack on corporate America. Many of the victims are prominent software companies, including firms like Twilio, MailChimp, and Cloudflare, among many others.

The news comes from research conducted by cybersecurity firm Group-IB, which began looking into the hacking campaign after a client was phished and reached out for help. The research shows that the threat actor behind the campaign, which researchers have dubbed “0ktapus,” used basic tactics to target staff from droves of well-known companies. The hacker(s) would use stolen login information to gain access to corporate networks before going on to steal data and then break into another company’s network.

“This case is of interest because despite using low-skill methods it was able to compromise a large number of well-known organizations,” researchers wrote in their blog Thursday. “Furthermore, once the attackers compromised an organization they were quickly able to pivot and launch subsequent supply chain attacks, indicating that the attack was planned carefully in advance.”

[…]

the hackers first went after companies that were users of Okta, the identity and access management firm that provides single sign-on services to platforms all across the web. Using the toolkit, the threat actor sent SMS phishing messages to victims that were styled to look just like the ID authentication pages provided by Okta. Thinking that they were engaging in a normal security procedure, victims would enter their information—including username, password, and multi-factor authentication code.

After they entered this information, the data was then secretly funneled to a Telegram account controlled by the cybercriminals. From there, the threat actor could use the Okta credentials to log into the organizations that the victims worked for. The network access was subsequently abused to steal company data and engage in more sophisticated supply chain attacks that targeted the broader corporate ecosystems that the firms were a part of.

[…]

Source: Oktatapus Hack Stole 10,000 Logins From 130 Different Orgs

Google research AI image noise reduction is out of this world

If you have great lighting, a good photographer can take decent photos even with the crappiest camera imaginable. In low light, though, all bets are off. Sure, some cameras can shoot haunting video lit only by the light of the moon, but for stills — and especially stills shot on a smartphone — digital noise continues to be a scourge. We may be getting close to what is possible to achieve with hardware; heat and physics are working against us making even better camera sensors. But then Google Research came along, releasing an open source project it calls MultiNerf, and I get the sense that we’re at the precipice of everything changing.

I can write a million words about how awesome this is, but I can do better; here’s a 1-minute-51-second video, which, at 30 frames per second and “a picture tells a thousand words,” is at least 1.5 million words worth of magic:

Video Credits: DIYPhotography

The algorithms run on raw image data and add AI magic to figure out what footage “should have” looked like without the distinct video noise generated by imaging sensors.

Source: Google research AI image noise reduction is out of this world

Physicists invent intelligent quantum sensor of light wave properties

[…]

“Typically, when you want to characterize a wave of light, you have to use different instruments to gather information, such as the intensity, wavelength and polarization state of the light. Those instruments are bulky and can occupy a significant area on an optical table,” said Dr. Fan Zhang, a corresponding author of the study and associate professor of physics in the School of Natural Sciences and Mathematics.

“Now we have a single device—just a tiny and thin chip—that can determine all these properties simultaneously in a very short time,” he said.

The device exploits the unique physical properties of a novel family of two-dimensional materials called moiré metamaterials. Zhang, a , published a review article on these materials Feb. 2 in Nature.

The 2D materials have periodic structures and are atomically thin. If two layers of such a material are overlaid with a small rotational twist, a moiré pattern with an emergent, orders-of-magnitude larger periodicity can form. The resulting moiré metamaterial yields that differ significantly from those exhibited by a single layer alone or by two naturally aligned layers.

The sensing device that Zhang and his colleagues chose to demonstrate their new idea incorporates two layers of relatively twisted, naturally occurring bilayer graphene, for a total of four atomic layers.

“The moiré metamaterial exhibits what’s called a bulk photovoltaic effect, which is unusual,” said Patrick Cheung, a physics doctoral student at UT Dallas and co-lead author of the study. “Normally, you have to apply a voltage bias to produce any current in a material. But here, there is no bias at all; we simply shine a light on the moiré metamaterial, and the light generates a current via this bulk photovoltaic effect. Both the magnitude and phase of the photovoltage are strongly dependent on the , wavelength and polarization state.”

By tuning the moiré metamaterial, the photovoltage generated by a given incoming light wave creates a 2D map that is unique to that wave—like a fingerprint—and from which the wave’s properties might be inferred, although doing so is challenging, Zhang said.

Researchers in Dr. Fengnian Xia’s lab at Yale University, who constructed and tested the device, placed two , or gates, on top and underneath the moiré metamaterial. The two gates allowed the researchers to tune the quantum geometric properties of the material to encode the infrared light waves’ properties into “fingerprints.”

The team then used a —an artificial intelligence algorithm that is widely used for image recognition—to decode the fingerprints.

“We start with light for which we know the intensity, wavelength and polarization, shine it through the device and tune it in different ways to generate different fingerprints,” Cheung said. “After training the with a data set of about 10,000 examples, the network is able to recognize the patterns associated with these fingerprints. Once it learns enough, it can characterize an unknown .”

[…]

Source: Physicists invent intelligent quantum sensor of light waves

Evusheld COVID Protection for Immunocompromised People

[…]

If you couldn’t get a COVID vaccine, or if you got it but are in the group of people who likely aren’t as well protected, you can get Evusheld for an extra layer of protection.

What is Evusheld?

Evusheld is considered “pre-exposure prophylaxis” for COVID, and is available for people who are moderately to severely immunocompromised. The CDC has guidelines about Evusheld here. Evusheld is given every 6 months.

The treatment consists of two injections of monoclonal antibodies, tixagevimab and cilgavimab. In other words, instead of triggering your body to produce its own antibodies, you’re being given some ready-made antibodies. You should still also get your COVID vaccine, if you’re able to.

Who can get Evusheld?

Evusheld is for people who are moderately or severely immunocompromised or who are unable to be fully vaccinated with one of the regular COVID vaccines (for example, if you had an allergic reaction to your first dose or if you know you are allergic to a component of the vaccine). You also need to be at least 12 years old and weigh at least 88 pounds.

[…]

Source: What Is Evusheld? COVID Protection for Immunocompromised People

The EU’s AI Act could have a chilling effect on open source efforts, experts warn

The nonpartisan think tank Brookings this week published a piece decrying the bloc’s regulation of open source AI, arguing it would create legal liability for general-purpose AI systems while simultaneously undermining their development. Under the EU’s draft AI Act, open source developers would have to adhere to guidelines for risk management, data governance, technical documentation and transparency, as well as standards of accuracy and cybersecurity.

If a company were to deploy an open source AI system that led to some disastrous outcome, the author asserts, it’s not inconceivable the company could attempt to deflect responsibility by suing the open source developers on which they built their product.

“This could further concentrate power over the future of AI in large technology companies and prevent research that is critical to the public’s understanding of AI,” Alex Engler, the analyst at Brookings who published the piece, wrote. “In the end, the [E.U.’s] attempt to regulate open-source could create a convoluted set of requirements that endangers open-source AI contributors, likely without improving use of general-purpose AI.”

[…]

In a recent example, Stable Diffusion, an open source AI system that generates images from text prompts, was released with a license prohibiting certain types of content. But it quickly found an audience within communities that use such AI tools to create pornographic deepfakes of celebrities.

[…]

“The road to regulation hell is paved with the EU’s good intentions,” Etzioni said. “Open source developers should not be subject to the same burden as those developing commercial software. It should always be the case that free software can be provided ‘as is’ — consider the case of a single student developing an AI capability; they cannot afford to comply with EU regulations and may be forced not to distribute their software, thereby having a chilling effect on academic progress and on reproducibility of scientific results.”

Instead of seeking to regulate AI technologies broadly, EU regulators should focus on specific applications of AI, Etzioni argues. “There is too much uncertainty and rapid change in AI for the slow-moving regulatory process to be effective,” he said. “Instead, AI applications such as autonomous vehicles, bots, or toys should be the subject of regulation.”

[…]

Source: The EU’s AI Act could have a chilling effect on open source efforts, experts warn | TechCrunch

Edit 14/9/22: Willy Tadema has been discussing this with the NL.gov people and points out that Axel Voss has introduced exemptions into the act:

Last week, the Legal Affairs committee in the European Parliament adopted my opinion on the #AIAct with strong support. 17 votes in favor, one against.

Focusing on 10 key areas within the competence of the JURI committee, we send a strong signal to the lead committees, LIBE and IMCO while also presenting new ideas for the political debate on #AI.

On the scope (Art. 2), we introduce three new exemptions.
– On research, testing, development to promote innovation in AI,
– On Business to Business (B2B) to avoid regulating non-risky industrial applications,
– On open-source until its commercialization to support small market players.

We also adjusted the responsibilities of providers (Art. 16) as well as users (Art. 29) as regards their supply chain. In addition, we specified under what circumstances those responsibilities might shift to another actor (Art. 23a) and we tried to integrate general purpose AI into the AI Act.

The JURI committee also transformed the AI Board into a powerful EU body with own legal personality and strong involvement of stakeholders which would help to better coordinate among Member States and to keep AI Act up to date.

As usual, I have to thank Kai Zenner for his tireless work and the great result!

Hydrogen could be harvested from thin air in the desert

[…]

To avoid taking water from an already strained local supply, a team led by Gang Kevin Li, senior lecturer at the University of Melbourne, Australia, has built a system which extracts water from airborne vapor using a hygroscopic electrolyte, in this case sulfuric acid. The approach then uses solar-generated electricity to split the water into hydrogen and oxygen.

The team proved it could operate at a relative humidity of about 4 percent, well below that of most deserts. On a warm sunny day, the meter-square unit was able to produce 3.7 m³ of hydrogen.

“Hydrogen is the ultimate clean energy,” the paper, published in Nature Communications, said. “Despite being the most abundant element in the universe, hydrogen exists on the earth mainly in compounds like water. H2 produced by water electrolysis using renewable energy, namely, green hydrogen, represents the most promising energy carrier of the low-carbon economy. H2 can also be used as a medium of energy storage for intermittent energies such as solar, wind, and tidal.”

[…]

Source: Hydrogen could be harvested from thin air in the desert • The Register

Korean nuclear fusion tokamak reactor achieves 100 million°C for 30 seconds

A nuclear fusion reaction has lasted for 30 seconds at temperatures in excess of 100 million°C. While the duration and temperature alone aren’t records, the simultaneous achievement of heat and stability brings us a step closer to a viable fusion reactor – as long as the technique used can be scaled up.

Most scientists agree that viable fusion power is still decades away, but the incremental advances in understanding and results keep coming. An experiment conducted in 2021 created a reaction energetic enough to be self-sustaining, conceptual designs for a commercial reactor are being drawn up, while work continues on the large ITER experimental fusion reactor in France.

Now Yong-Su Na at Seoul National University in South Korea and his colleagues have succeeded in running a reaction at the extremely high temperatures that will be required for a viable reactor, and keeping the hot, ionised state of matter that is created within the device stable for 30 seconds.

Controlling this so-called plasma is vital. If it touches the walls of the reactor, it rapidly cools, stifling the reaction and causing significant damage to the chamber that holds it. Researchers normally use various shapes of magnetic fields to contain the plasma – some use an edge transport barrier (ETB), which sculpts plasma with a sharp cut-off in pressure near to the reactor wall, a state that stops heat and plasma escaping. Others use an internal transport barrier (ITB) that creates higher pressure nearer the centre of the plasma. But both can create instability.

Na’s team used a modified ITB technique at the Korea Superconducting Tokamak Advanced Research (KSTAR) device, achieving a much lower plasma density. Their approach seems to boost temperatures at the core of the plasma and lower them at the edge, which will probably extend the lifespan of reactor components.

[…]

Source: Korean nuclear fusion reactor achieves 100 million°C for 30 seconds | New Scientist

War profiteering Finland govt nationalises 1% of energy companies

With Russia closing the gas pipelines to Europe as a catalyst, and using the people of Finland as blackmail material, the Finnish government is taking control of company payment structures and grabbing 1% of any company that signs up to the possibility of taking a loan from the government at extortionate interest rates.

It’s pretty obvious it’s a safe loan that will be paid back, but the amounts are beyond normal banking facilities to provide.

Energy companies simply cannot afford not to sign up for the possibility of the loan (even if they’re not sure they actually need the facility yet) because bankruptcy is not an option if you’re servicing heating for the population and energy for companies to operate on. It’s this need to care for people that the Finnish government – which is supposed to protect the population – is using to strong-arm the energy sector into signing up for these bizarre conditions.

To be sure: the Finnish government takes the 1% of the company and controls payments whether a loan is taken out or not, and even after repayment of the loan.

They have potentially valued the energy sector in Finland at EUR 0,-.

[…]

Minister of Finance Annika Saarikko (Centre) stated that the funding should not be misconstrued as financial aid or subsidy.

“It’s a loan,” she emphasised. “Companies must pay it back in two years’ time. And the government would only lose money in the extreme circumstance where the company ends up permanently insolvent. Even then, similarly to a regular loan, a share of the company’s collaterals – such as power plants or electricity production – corresponding to the [loan] value would end up in the state’s possession.”

The emergency funding scheme enables the government to grant loans and guarantees to companies with an electricity production capacity of more than 100 megawatts that have exhausted all other financing options, that are deemed critical for the functioning of the electricity market and that are at risk of insolvency due to soaring collateral requirements.

[…]

The financing will be available until the end of next year with a maximum repayment period of two years and with a total interest rate of 10 per cent for the first six months and one of 12 per cent for the rest of the repayment period, according to Helsingin Sanomat.

The borrower, in turn, will be prohibited from making dividend payouts or re-distributing their profits in other ways until the loan has been repaid. Offering bonuses, pay rises and other incentives to the management will similarly be prohibited between 2022 and 2023. The borrower must also invite the government to take up a one per cent stake through a free share issue or consent to a three-percentage-point increase in the interest rate.

“The loan terms are exceptionally strict,” confirmed Saarikko. “It’s a message from the government to companies that this is a last-resort form of assistance. You should first turn to your owners, such as municipalities in the public sector, and market-based financing solutions.”

The government introduced the emergency funding scheme due to the mounting collateral requirements faced by energy companies active in the electricity derivatives market. Collaterals can be demanded by customers as a form of guarantee of their future electricity supply as their value is equal to the difference of the price defined in the futures contract and current price.

Energy prices have soared in the wake of Russia’s invasion of Ukraine.

[…]

Source: Helsinki Times

Scientists Find a Simple Way to Produce Hydrogen From Water at Room Temperature

Hydrogen fuel promises to be a clean and abundant source of energy in the future – as long as scientists can figure out ways to produce it practically and cheaply, and without fossil fuels.

A new study provides us with another promising step in that direction, provided you can make use of existing supplies of post-consumer aluminum and gallium.

In the new research, scientists describe a relatively simple method involving aluminum nanoparticles that are able to strip the oxygen from water molecules and leave hydrogen gas.

The process yields large amounts of hydrogen, and it all works at room temperature.

That removes one of the big barriers to hydrogen fuel production: the large amounts of power required to produce it using existing methods.

This technique works with any kind of water, too, including wastewater and ocean water.

“We don’t need any energy input, and it bubbles hydrogen like crazy,” says materials scientist Scott Oliver from the University of California, Santa Cruz (UCSC).

“I’ve never seen anything like it.”

Key to the process is the use of gallium metal to enable an ongoing reaction with the water. This aluminum-gallium-water reaction has been known about for decades, but here the team optimized and enhanced it in a few particular ways.

With the help of scanning electron microscopy and X-ray diffraction techniques, the researchers were able to find the best mix of aluminum and gallium for producing hydrogen with the greatest efficiency: a 3:1 gallium-aluminum composite.

The gallium-rich alloy does double duty in both removing aluminum’s oxide coating (which would ordinarily block the reaction with water) and in producing the aluminum nanoparticles that enable faster reactions.

“The gallium separates the nanoparticles and keeps them from aggregating into larger particles,” says Bakthan Singaram, a professor of organic chemistry at UCSC.

“People have struggled to make aluminum nanoparticles, and here we are producing them under normal atmospheric pressure and room temperature conditions.”

The mixing method isn’t complicated, the researchers report, and the composite material can be stored for at least three months when submerged in cyclohexane to protect it from moisture, which would otherwise degrade its efficacy.

Aluminum is easier to get hold of than gallium as it can be sourced from post-consumer materials, such as discarded aluminum cans and foil.

Gallium is more expensive and less abundant, but in this process at least it can be recovered and reused many times over without losing its effectiveness.

There is still work to do, not least in making sure this can be scaled up from a lab set-up to something that can be used on an industrial scale. However, the early signs are that this is another method that has a lot of potential for hydrogen fuel production.

“Overall, the Ga-rich Ga−Al [gallium-rich gallium-aluminum] mixture produces substantial amounts of hydrogen at room temperature with no energy input, material manipulation, or pH modification,” the researchers conclude in their paper.

The research has been published in Applied Nano Materials.

Source: Scientists Find a Simple Way to Produce Hydrogen From Water at Room Temperature : ScienceAlert

Meta fined $402 million in EU over Instagram’s privacy settings for children

Meta has been fined €405 million ($402 million) by the Irish Data Protection Commission for its handling of children’s privacy settings on Instagram, which violated Europe’s General Data Protection Regulation (GDPR). As Politico reports, it’s the second-largest fine to come out of Europe’s GDPR laws, and the third (and largest) fine levied against Meta by the regulator.

A spokesperson for the DPC confirmed the fine, and said additional details about the decision would be available next week. The fine stems from the photo sharing app’s privacy settings on accounts run by children. The DPC had been investigating Instagram over children’s use of business accounts, which made personal data like email addresses and phone numbers publicly visible. The investigation also covered Instagram’s policy of defaulting all new accounts, including teens, to be publicly viewable.

[…]

Source: Meta faces $402 million EU fine over Instagram’s privacy settings for children | Engadget

Samsung says customer data stolen in July data breach – again

Electronics giant Samsung has confirmed a data breach affecting customers’ personal information.

In a brief notice, Samsung said it discovered the security incident in late-July and that an “unauthorized third party acquired information from some of Samsung’s U.S. systems.” The company said it determined customer data was compromised on August 4.

Samsung said Social Security numbers and credit card numbers were not affected, but some customer information — name, contact and demographic information, date of birth, and product registration information — was taken.

“The information affected for each relevant customer may vary. We are notifying customers to make them aware of this matter,” said the statement.

Samsung spokesperson Chris Langlois told TechCrunch by email via crisis communications firm Edelman that demographic data relates to customer information used for marketing and advertising, but didn’t specify what types of data this includes. Langlois added that registration data, provided by customers in order to access support and warranty information, includes product purchase date, model, and device ID.

Langlois declined to say how many customers were affected or why it took Samsung more than a month to notify customers about the breach, which was announced just hours ahead of a U.S. holiday weekend marking Labor Day.

[…]

This is the second time Samsung has confirmed a data breach this year. In March, the company admitted that the Lapsus$ hacking group — the same group that infiltrated Nvidia, Microsoft and T-Mobile — obtained and leaked almost 200 gigabytes of confidential data, including source code for various technologies and algorithms for biometric unlock operations.

Source: Samsung says customer data stolen in July data breach | TechCrunch

Pharma Startup President Convicted in Fake Covid Testing Scheme

Blood testing huckster and former Arrayit president Mark Schena has been convicted in a covid-19 and allergy test scheme that allegedly resulted in nearly $80 million worth of fraudulent claims. Schena, who was convicted on five separate charges, could potentially spend decades in prison, according to the Department of Justice.

The DOJ alleges Schena misled investors with bogus claims of “revolutionary” new technology capable of testing for virtually any disease with just a couple of pinpricks of blood while president of his pharma startup. No, this isn’t Theranos but yes, it sure does sound similar.

Schena allegedly misled investors and told them his company was valued at around $4.5 billion. In reality, the DOJ alleges the president withheld documents that revealed Arrayit was actually on the verge of bankruptcy. Arrayit allegedly released fabricated press releases and tweets falsely claiming major institutions had entered into partnerships with the company. Schena even boldly claimed he was on a “shortlist” for the Nobel Prize, a claim that also turned out to be bullshit.

[…]

All told, Arrayit allegedly filed $77 million worth of false and fraudulent claims for its covid-19 and allergy testing service. Schena, who was convicted of one count of conspiracy to commit health care fraud and conspiracy to commit wire fraud, two counts of health care fraud, one count of conspiracy to pay kickbacks, two counts of payment of kickbacks, and three counts of securities fraud, could potentially face decades in prison.

Source: Pharma Startup President Convicted in Fake Covid Testing Scheme

Scientists Turn Plastic Into Diamonds In Breakthrough

[…]

Since the 1970s, scientists believed that diamonds might actually rain down toward the mostly slushy planets’ rocky interiors—a diamond rain, if you will.

In 2017, researchers in Germany and California found a way to replicate those planetary conditions, fabricating teeny tiny diamonds called nanodiamonds in the lab using polystyrene (aka Styrofoam). Five years later and they’re back at it again, this time using some good ol’ polyethylene terephthalate (PET), according to a study published on Friday in Science Advances. The research has implications not only for our understanding of space, but paves a path toward creating nanodiamonds that are used in a range of contexts out of waste plastic.

[…]

When Kraus and his colleagues first attempted making nanodiamonds with polystyrene—which contains the same elements of carbon and hydrogen found on Neptune and Uranus—they did so by bombarding the material with the Linac Coherent Light Source, a high-powered X-ray laser at the SLAC National Accelerator Laboratory in California. This process rapidly heated the polystyrene to 5,000 Kelvin (around 8,540 degrees Fahrenheit) and compressed it by 150 gigapascals, similar to conditions found about 6,000 miles into the interior of the icy planets.

While the researchers were able to make the microscopic bling with two quick hits from the laser, they later realized one vital chemical ingredient was missing: oxygen. So they turned to PET, which has a good balance of not only carbon and hydrogen but also oxygen, making it a closer chemical proxy to the ice giants than polystyrene.

[…]

“We found that the presence of oxygen enhances diamond formation instead of preventing it, making ‘diamond rain’ inside those planets a more likely scenario,” said Kraus. “We [also] see that diamonds grow larger for higher pressures and with progressing time in the experiments.”

They were also able to squeeze out a lot of tiny diamonds from just one shot of X-ray, on the order of a few billion crystallites (or a few micrograms if you’re talking total weight).

[…]

“If industrial scaling of the formation process indeed works as discussed above, and nanodiamonds will be required in very large quantities for certain processes, e.g., catalysis for light-induced CO2 reduction reactions helping to reduce global warming, this may indeed become a potential way to recycle large amounts of PET,” said Kraus.

[…]

Source: Scientists Turn Plastic Into Diamonds In Breakthrough

Use This Free Tool to Restore Faces in Old Family Photos

[…]

GFPGAN first made it onto our radar when it was featured in the August 28 edition of the (excellent) Recomendo newsletter, specifically, a post by Kevin Kelly. In it, he says that he uses this free program to restore his own old family photos, noting that it focuses solely on the faces of those pictured, and “works pretty well, sometimes perfectly, in color and black and white.”

There are several ways to access the program—as outlined in this post on ByteXD—but we got there using this Baseten web page, per Kelly’s recommendation.

The tool is incredibly easy to use. If you are accessing GFPGAN on your phone, you have the option of selecting a photo from your library, or taking a new photo to use. When we accessed the page on a laptop, the only option was choosing a file from your computer.

Anyway, once you upload the photo, tap or click the green “Restore photo” button, and then wait for the final product. While the results aren’t instant, the restoring process takes roughly 15 to 20 seconds.

First, your original image will show up on the left, and then a few seconds later, the restored image will appear on the right. There’s a link you can click directly underneath the restored photo to download it. That’s it!

Of course, if a photo is damaged and part of someone’s face has torn off, GFPGAN can’t make it reappear, but the tool can improve the quality of what’s there. As an example, here’s a screenshot from the version of the program on the Baseten web page, featuring one of my own family photos:

Screenshot: Elizabeth Yuko

I never knew who the woman on the bottom left of the photo was, but in the restored image, I can easily identify her as my great-aunt.

[…]

Source: Use This Free Tool to Restore Faces in Old Family Photos

Google tests alternative payment methods in Play store, still takes 4% cut

The move comes in response to growing pressure on app store operators to give developers options, as Epic Games sought in its dispute with Apple and the government of South Korea required with legislation. The EU’s Digital Markets Act also seeks to limit Big Tech’s gatekeeping powers and was designed to stop Google prioritizing its own goods and services over those of competitors.

The test, foreshadowed in March 2022 when Spotify’s Android app offered its own payment system alongside Google’s, will see the search giant offer developers the chance to offer users the chance to employ payment systems other than its own.

The trial covers digital content and services, such as in-app purchases and subscriptions. Web-based payments as an alternative payment method in an embedded webview within their app are also possible under the pilot.

The program is detailed in a support document that states it will run in European Economic Area (EEA) countries – not the UK – plus Australia, India, Indonesia, and Japan.

[…]

The test will require alternative payment systems to be compliant with the Payment Card Industry Data Security Standard and developers must provide customer service for their chosen system. Payment systems used must provide a process to dispute unauthorized transactions.

Games are not eligible for the test, and Google’s not explained why other than to say they’re not eligible but that decision might change.

[…]

“Google Play’s service fee has never been simply a fee for payment processing. It reflects the value provided by Android and Play and supports our continued investments across Android and Google Play, allowing for the user and developer features that people count on.”

[…]

If you fancy trying the scheme, apply here – but don’t bother unless you already have a Play Store developer account, as that’s required to apply for inclusion.

Source: Google tests alternative payment methods in Play store • The Register

China Approves World’s First Covid Vaccine You Inhale

[…]

China’s National Medical Products Administration approved CanSino’s Ad5-nCoV for emergency use as a booster vaccine, the company said in a statement to the Hong Kong Stock Exchange on Sunday.

The vaccine is a new version of CanSino’s one-shot Covid drug, the first in the world to undergo human testing in March 2020 and which has been used in China, Mexico, Pakistan, Malaysia and Hungary after being rolled out in February 2021. The inhaled version can stimulate cellular immunity and induce mucosal immunity to boost protection without intramuscular injection, CanSino said.

[…]

CanSino’s initial one-shot vaccine was found to be 66% effective in preventing Covid-19 symptoms and 91% effective against severe disease, but it trails vaccines from Sinovac Biotech Ltd. and state-owned Sinopharm Group Co. in use outside China. Those two companies account for most of the 770 million doses China has sent to the rest of the world.

The vaccine, which uses a modified cold-causing virus to expose the immune system to the coronavirus, is similar to those developed by AstraZeneca Plc and Johnson & Johnson.

Source: China Approves World’s First Covid Vaccine You Inhale – Bloomberg

Midjourney – AI picture creator through words, wins digital art competition

An independent research lab exploring new mediums of thought and expanding the imaginative powers of the human species.

Source: Midjourney

It works like DALL-E and is now very popular because a user used this to win a digital art competition (using attribution).

Jason Allen entered the artwork titled “Theatre d’Opera Spatial” in the “Digital Arts / Digitally-Manipulated Photography” category of the Colorado State Fair fine arts competition but created the piece using a popular text-to-image AI generator named Midjourney.

A Twitter post describing Allen’s win went viral earlier this week (and was first covered by Vice). The post elicited a strong response, with many users claiming that Allen had been deceptive in submitting the piece, particularly as most of the public is unaware of how text-to-image AI generators work. Allen, though, has defended his actions.

“I wanted to make a statement using artificial intelligence artwork,” he told The Pueblo Chieftain. “I feel like I accomplished that, and I’m not going to apologize for it.”

[…]

Responses to Allen’s win, though, have been mixed, with many accusing him of deceiving the judges. From Allen’s description of his win, it seems that the fair’s judges were not fully aware of how the piece was created. Writing in the Midjourney Discord, Allen says the artwork’s “description clearly stated I created them via Midjourney,” but when another user asks if he explained what the software does, Allen replies, “Should I have explained what Midjourney was? If so, why?” eliciting face-palm emoji reactions from others in the chat.

Allen said he’s been telling people at the show that the piece is “digital art created using a.i. tools” and that he doesn’t need to explain what Midjourney is any more than a digital artist might explain how Adobe Illustrator works.

[…]

The rules of the competition Allen entered describe his category only as “Artistic practice that uses digital technology as part of the creative or presentation process.”

[…]

Source: An AI-generated artwork’s state fair victory fuels arguments over ‘what art is’ – The Verge

 

grommunio – open source groupware / PIM and much, much more

grommunio efficiently summarizes all requirements of modern, digital communication and collaboration. This includes the device and operating system independent management of sensitive data such as e-mail, contacts, calendar, chat, video conference, file sharing and much more – in real time.

With open source technology based on Linux, grommunio is scalable and meets the highest security requirements. Thanks to its advanced architecture, grommunio can be integrated into existing systems without great effort.

[…]

As the first open source solution – with a fully functional implementation of Outlook Anywhere (RPC-over-HTTP) and MAPI-over-HTTP, grommunio is the alternative to proprietary backends for native interoperability with Microsoft Outlook.

Source: grommunio | groupware and much, much more

Android Auto Store – free AA apps

Android Auto Store is a free app for Android phones that downloads the best Android Auto apps and installs them in the correct way so that they show up in Android Auto.

This Store will install Android Auto apps on non-rooted Android devices for free, with NO DOWNLOAD LIMITS and NO PAYMENT. Select an app you want to install on your phone and wait for the installation process to finish. Once completed, connect your smartphone to the car and use the app.

https://github.com/croccio/Android-Auto-Store

Major VPN services shut down in India over anti-privacy law

[…]

New rules from India’s Computer Emergency Response Team

India’s Computer Emergency Response Team (CERT) has said that new rules will apply to VPN providers from September 25. These will require services to collect customer names, email addresses, and IP addresses. The data must be retained for at least five years, and handed over to CERT on demand.

This would breach the privacy standards of major VPN services, and be physically impossible for services like NordVPN, which keep no logs as a matter of policy. The company is registered in Panama specifically because there are no data-retention laws there, and no international intelligence sharing.

Major VPN services shut down Indian servers

The Wall Street Journal reports that major VPN services have shut down their Indian servers.

Major global providers of virtual private networks, which let internet users shield their identities online, are shutting down their servers in India to protest new government rules they say threaten their customers’ privacy […]

Such rules are “typically introduced by authoritarian governments in order to gain more control over their citizens,” said a spokeswoman for Nord Security, provider of NordVPN, which has stopped operating its servers in India. “If democracies follow the same path, it has the potential to affect people’s privacy as well as their freedom of speech,” she said […]

Other VPN services that have stopped operating servers in India in recent months are some of the world’s best known. They include U.S.-based Private Internet Access and IPVanish, Canada-based TunnelBear, British Virgin Islands-based ExpressVPN, and Lithuania-based Surfshark.

ExpressVPN said it “refuses to participate in the Indian government’s attempts to limit internet freedom.”

The government’s move “severely undermines the online privacy of Indian residents,” Private Internet Access said.

Customers in India will be able to connect to VPN servers in other countries. This is the same approach taken in Russia and China, where operating servers within those countries would require VPN companies to comply with similar legislation.

[…]

Source: Major VPN services shut down in India over anti-privacy law

iOS mobile banking apps put 300,000 digital fingerprints at risk using hardcoded AWS credentials

Massive amounts of private data – including more than 300,000 biometric digital fingerprints used by five mobile banking apps – have been put at risk of theft due to hard-coded Amazon Web Services credentials, according to security researchers.

Symantec’s Threat Hunter Team said it discovered 1,859 publicly available apps, both Android and iOS, containing baked-in AWS credentials. That means if someone were to look inside the apps, they would have found the credentials in the code, and could potentially have used that to access the apps’ backend Amazon-hosted servers and steal users’ data. The vast majority (98 percent) were iOS apps.

In all, 77 percent of these apps contained valid AWS access tokens that allowed access to private AWS cloud services, the intelligence team noted in research published today.

Additionally, almost half (47 percent) contained valid AWS tokens providing full access to sometimes millions of private files via Amazon S3 buckets. These hard-coded AWS access tokens would be easy to extract and exploit, and reflect a serious supply-chain issue, Dick O’Brien, principal editor on Symantec’s Threat Hunter Team, told The Register.

[…]

In one case, a provider of B2B services gave out a mobile SDK to its customers to integrate into their applications. It turned out the SDK contained the provider’s cloud infrastructure keys, which potentially exposed all of its data — including financials, employee information, files on more than 15,000 medium and large-sized companies, and other information — that was stored on the platform.

The SDK had a hard-coded AWS token to access an Amazon-powered translation service. However, that token granted full access to the provider’s backend systems, rather than just the translation tool.

[…]

 

Source: Mobile banking apps put 300,000 digital fingerprints at risk • The Register
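
A pre-release check for the problem reported above, as an added example that is not from the article or from Symantec: it scans an app archive (IPA and APK files are both zip archives) for embedded AWS access key IDs and flags whether a secret-shaped string sits next to them. The function names, the sample bundle and the 256-byte window are assumptions; the key values are the placeholder keys from AWS's own documentation.

```python
import io
import re
import zipfile

# AWS access key IDs: 4-char prefix + 16 upper-case alphanumerics.
# AKIA = long-term IAM user key, ASIA = temporary STS key.
KEY_ID = re.compile(rb"(?<![A-Z0-9])(AKIA|ASIA)[A-Z0-9]{16}(?![A-Z0-9])")
# Secret access keys are 40 base64-style characters; only checked close
# to a key ID, to keep false positives down.
SECRET = re.compile(rb"(?<![A-Za-z0-9/+])[A-Za-z0-9/+]{40}(?![A-Za-z0-9/+])")
WINDOW = 256  # bytes searched either side of a key ID (assumed value)


def scan_archive(archive):
    """Return one finding per AWS key ID embedded in an IPA/APK (zip)."""
    findings = []
    with zipfile.ZipFile(archive) as bundle:
        for name in bundle.namelist():
            data = bundle.read(name)  # decompressed member, binary or text
            for m in KEY_ID.finditer(data):
                nearby = data[max(0, m.start() - WINDOW): m.end() + WINDOW]
                findings.append({
                    "file": name,
                    "offset": m.start(),
                    "key_id": m.group().decode(),
                    "long_term": m.group(1) == b"AKIA",
                    "secret_nearby": SECRET.search(nearby) is not None,
                })
    return findings


def build_sample_ipa():
    """Constructed sample: a tiny fake .ipa using AWS's documentation keys."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/Demo.app/Info.plist", b"<plist><dict/></plist>")
        z.writestr(
            "Payload/Demo.app/Demo",  # stands in for the compiled binary
            b"\x00\xfe\xed\xfa" + b"\x00" * 32
            + b"AKIAIOSFODNN7EXAMPLE\x00"
            + b"wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\x00",
        )
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for finding in scan_archive(build_sample_ipa()):
        print(finding)
```

Run against the release archive in CI, any finding is a reason to fail the build; a `long_term` hit also means the key has to be rotated, not just removed from the next version.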