About Robin Edgar

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft

Samsung says customer data stolen in July data breach – again

Electronics giant Samsung has confirmed a data breach affecting customers’ personal information.

In a brief notice, Samsung said it discovered the security incident in late-July and that an “unauthorized third party acquired information from some of Samsung’s U.S. systems.” The company said it determined customer data was compromised on August 4.

Samsung said Social Security numbers and credit card numbers were not affected, but some customer information — name, contact and demographic information, date of birth, and product registration information — was taken.

“The information affected for each relevant customer may vary. We are notifying customers to make them aware of this matter,” said the statement.

Samsung spokesperson Chris Langlois told TechCrunch by email via crisis communications firm Edelman that demographic data relates to customer information used for marketing and advertising, but didn’t specify what types of data this includes. Langlois added that registration data, provided by customers in order to access support and warranty information, includes product purchase date, model, and device ID.

Langlois declined to say how many customers were affected or why it took Samsung more than a month to notify customers about the breach, which was announced just hours ahead of a U.S. holiday weekend marking Labor Day.

[…]

This is the second time Samsung has confirmed a data breach this year. In March, the company admitted that the Lapsus$ hacking group — the same group that infiltrated Nvidia, Microsoft and T-Mobile — obtained and leaked almost 200 gigabytes of confidential data, including source code for various technologies and algorithms for biometric unlock operations.

Source: Samsung says customer data stolen in July data breach | TechCrunch

Pharma Startup President Convicted in Fake Covid Testing Scheme

Blood testing huckster and former Arrayit president Mark Schena has been convicted in a covid-19 and allergy test scheme that allegedly resulted in nearly $80 million worth of fraudulent claims. Schena, who was convicted on five separate charges, could potentially spend decades in prison, according to the Department of Justice.

The DOJ alleges Schena misled investors with bogus claims of “revolutionary” new technology capable of testing for virtually any disease with just a couple of pinpricks of blood while president of his pharma startup. No, this isn’t Theranos, but yes, it sure does sound similar.

Schena allegedly misled investors and told them his company was valued at around $4.5 billion. In reality, the DOJ alleges the president withheld documents that revealed Arrayit was actually on the verge of bankruptcy. Arrayit allegedly released fabricated press releases and tweets falsely claiming major institutions had entered into partnerships with the company. Schena even boldly claimed he was on a “shortlist” for the Nobel Prize, a claim that also turned out to be bullshit.

[…]

All told, Arrayit allegedly filed $77 million worth of false and fraudulent claims for its covid-19 and allergy testing service. Schena, who was convicted of one count of conspiracy to commit health care fraud and conspiracy to commit wire fraud, two counts of health care fraud, one count of conspiracy to pay kickbacks, two counts of payment of kickbacks, and three counts of securities fraud, could potentially face decades in prison.

Source: Pharma Startup President Convicted in Fake Covid Testing Scheme

Scientists Turn Plastic Into Diamonds In Breakthrough

[…]

Since the 1970s, scientists believed that diamonds might actually rain down toward the mostly slushy planets’ rocky interiors—a diamond rain, if you will.

In 2017, researchers in Germany and California found a way to replicate those planetary conditions, fabricating teeny tiny diamonds called nanodiamonds in the lab using polystyrene (aka Styrofoam). Five years later and they’re back at it again, this time using some good ol’ polyethylene terephthalate (PET), according to a study published on Friday in Science Advances. The research has implications not only for our understanding of space, but paves a path toward creating nanodiamonds that are used in a range of contexts out of waste plastic.

[…]

When Kraus and his colleagues first attempted making nanodiamonds with polystyrene—which contains the same elements of carbon and hydrogen found on Neptune and Uranus—they did so by bombarding the material with the Linac Coherent Light Source, a high-powered X-ray laser at the SLAC National Accelerator Laboratory in California. This process rapidly heated the polystyrene to 5,000 Kelvin (around 8,540 degrees Fahrenheit) and compressed it by 150 gigapascals, similar to conditions found about 6,000 miles into the interior of the icy planets.

While the researchers were able to make the microscopic bling with two quick hits from the laser, they later realized one vital chemical ingredient was missing: oxygen. So they turned to PET, which has a good balance of not only carbon and hydrogen but also oxygen, making it a closer chemical proxy to the ice giants than polystyrene.

[…]

“We found that the presence of oxygen enhances diamond formation instead of preventing it, making ‘diamond rain’ inside those planets a more likely scenario,” said Kraus. “We [also] see that diamonds grow larger for higher pressures and with progressing time in the experiments.”

They were also able to squeeze out a lot of tiny diamonds from just one shot of X-ray, on the order of a few billion crystallites (or a few micrograms if you’re talking total weight).

[…]

“If industrial scaling of the formation process indeed works as discussed above, and nanodiamonds will be required in very large quantities for certain processes, e.g., catalysis for light-induced CO2 reduction reactions helping to reduce global warming, this may indeed become a potential way to recycle large amounts of PET,” said Kraus.

[…]

Source: Scientists Turn Plastic Into Diamonds In Breakthrough

Use This Free Tool to Restore Faces in Old Family Photos

[…]

GFPGAN—first made it onto our radar when it was featured in the August 28 edition of the (excellent) Recomendo newsletter, specifically, a post by Kevin Kelly. In it, he says that he uses this free program to restore his own old family photos, noting that it focuses solely on the faces of those pictured, and “works pretty well, sometimes perfectly, in color and black and white.”

There are several ways to access the program—as outlined in this post on ByteXD—but we got there using this Baseten web page, per Kelly’s recommendation.

The tool is incredibly easy to use. If you are accessing GFPGAN on your phone, you have the option of selecting a photo from your library, or taking a new photo to use. When we accessed the page on a laptop, the only option was choosing a file from your computer.

Anyway, once you upload the photo, tap or click the green “Restore photo” button, and then wait for the final product. While the results aren’t instant, the restoring process takes roughly 15 to 20 seconds.

First, your original image will show up on the left, and then a few seconds later, the restored image will appear on the right. There’s a link you can click directly underneath the restored photo to download it. That’s it!

Of course, if a photo is damaged and part of someone’s face has torn off, GFPGAN can’t make it reappear, but the tool can improve the quality of what’s there. As an example, here’s a screenshot from the version of the program on the Baseten web page, featuring one of my own family photos:

Screenshot: Elizabeth Yuko

I never knew who the woman on the bottom left of the photo was, but in the restored image, I can easily identify her as my great-aunt.

[…]

Source: Use This Free Tool to Restore Faces in Old Family Photos

Google tests alternative payment methods in Play store, still takes 4% cut

The move comes in response to growing pressure on app store operators to give developers options, as Epic Games sought in its dispute with Apple and the government of South Korea required with legislation. The EU’s Digital Markets Act also seeks to limit Big Tech’s gatekeeping powers and was designed to stop Google prioritizing its own goods and services over those of competitors.

The test, foreshadowed in March 2022 when Spotify’s Android app offered its own payment system alongside Google’s, will see the search giant offer developers the chance to offer users the chance to employ payment systems other than its own.

The trial covers digital content and services, such as in-app purchases and subscriptions. Web-based payments as an alternative payment method in an embedded webview within their app are also possible under the pilot.

The program is detailed in a support document that states it will run in European Economic Area (EEA) countries – not the UK – plus Australia, India, Indonesia, and Japan.

[…]

The test will require alternative payment systems to be compliant with the Payment Card Industry Data Security Standard and developers must provide customer service for their chosen system. Payment systems used must provide a process to dispute unauthorized transactions.

Games are not eligible for the test, and Google’s not explained why other than to say they’re not eligible but that decision might change.

[…]

“Google Play’s service fee has never been simply a fee for payment processing. It reflects the value provided by Android and Play and supports our continued investments across Android and Google Play, allowing for the user and developer features that people count on.”

[…]

If you fancy trying the scheme, apply here – but don’t bother unless you already have a Play Store developer account, as that’s required to apply for inclusion.

Source: Google tests alternative payment methods in Play store • The Register

China Approves World’s First Covid Vaccine You Inhale

[…]

China’s National Medical Products Administration approved CanSino’s Ad5-nCoV for emergency use as a booster vaccine, the company said in a statement to the Hong Kong Stock Exchange on Sunday.

The vaccine is a new version of CanSino’s one-shot Covid drug, the first in the world to undergo human testing in March 2020 and which has been used in China, Mexico, Pakistan, Malaysia and Hungary after being rolled out in February 2021. The inhaled version can stimulate cellular immunity and induce mucosal immunity to boost protection without intramuscular injection, CanSino said.

[…]

CanSino’s initial one-shot vaccine was found to be 66% effective in preventing Covid-19 symptoms and 91% effective against severe disease, but it trails vaccines from Sinovac Biotech Ltd. and state-owned Sinopharm Group Co. in use outside China. Those two companies account for most of the 770 million doses China has sent to the rest of the world.

The vaccine, which uses a modified cold-causing virus to expose the immune system to the coronavirus, is similar to those developed by AstraZeneca Plc and Johnson & Johnson.

Source: China Approves World’s First Covid Vaccine You Inhale – Bloomberg

Midjourney – AI picture creator through words, wins digital art competition

An independent research lab exploring new mediums of thought and expanding the imaginative powers of the human species.

Source: Midjourney

It works like DALL-E and is now very popular because a user used this to win a digital art competition (using attribution).

Jason Allen entered the artwork titled “Theatre d’Opera Spatial” in the “Digital Arts / Digitally-Manipulated Photography” category of the Colorado State Fair fine arts competition but created the piece using a popular text-to-image AI generator named Midjourney.

A Twitter post describing Allen’s win went viral earlier this week (and was first covered by Vice). The post elicited a strong response, with many users claiming that Allen had been deceptive in submitting the piece, particularly as most of the public is unaware of how text-to-image AI generators work. Allen, though, has defended his actions.

“I wanted to make a statement using artificial intelligence artwork,” he told The Pueblo Chieftain. “I feel like I accomplished that, and I’m not going to apologize for it.”

[…]

Responses to Allen’s win, though, have been mixed, with many accusing him of deceiving the judges. From Allen’s description of his win, it seems that the fair’s judges were not fully aware of how the piece was created. Writing in the Midjourney Discord, Allen says the artwork’s “description clearly stated I created them via Midjourney,” but when another user asks if he explained what the software does, Allen replies, “Should I have explained what Midjourney was? If so, why?” eliciting face-palm emoji reactions from others in the chat.

Allen said he’s been telling people at the show that the piece is “digital art created using a.i. tools” and that he doesn’t need to explain what Midjourney is any more than a digital artist might explain how Adobe Illustrator works.

[…]

The rules of the competition Allen entered describe his category only as “Artistic practice that uses digital technology as part of the creative or presentation process.”

[…]

Source: An AI-generated artwork’s state fair victory fuels arguments over ‘what art is’ – The Verge

grommunio – open source groupware / PIM and much, much more

grommunio efficiently summarizes all requirements of modern, digital communication and collaboration. This includes the device and operating system independent management of sensitive data such as e-mail, contacts, calendar, chat, video conference, file sharing and much more – in real time.

With open source technology based on Linux, grommunio is scalable and meets the highest security requirements. Thanks to its advanced architecture, grommunio can be integrated into existing systems without great effort.

[…]

As the first open source solution – with a fully functional implementation of Outlook Anywhere (RPC-over-HTTP) and MAPI-over-HTTP, grommunio is the alternative to proprietary backends for native interoperability with Microsoft Outlook.

Source: grommunio | groupware and much, much more

Android Auto Store – free AA apps

Android Auto Store is a free app for Android phones that downloads the best Android Auto apps and installs them in the correct way so that they appear in Android Auto.

This Store will install Android Auto Apps on non-rooted Android devices for free with NO DOWNLOAD LIMITS NO PAY. Select an app you want to install on your phone and wait for the installation process to finish. Once completed, connect your smartphone to the car and use the app.

https://github.com/croccio/Android-Auto-Store

Major VPN services shut down in India over anti-privacy law

[…]

New rules from India’s Computer Emergency Response Team

India’s Computer Emergency Response Team (CERT) has said that new rules will apply to VPN providers from September 25. These will require services to collect customer names, email addresses, and IP addresses. The data must be retained for at least five years, and handed over to CERT on demand.

This would breach the privacy standards of major VPN services, and be physically impossible for services like NordVPN, which keep no logs as a matter of policy. The company is registered in Panama specifically because there are no data-retention laws there, and no international intelligence sharing.

Major VPN services shut down Indian servers

The Wall Street Journal reports that major VPN services have shut down their Indian servers.

Major global providers of virtual private networks, which let internet users shield their identities online, are shutting down their servers in India to protest new government rules they say threaten their customers’ privacy […]

Such rules are “typically introduced by authoritarian governments in order to gain more control over their citizens,” said a spokeswoman for Nord Security, provider of NordVPN, which has stopped operating its servers in India. “If democracies follow the same path, it has the potential to affect people’s privacy as well as their freedom of speech,” she said […]

Other VPN services that have stopped operating servers in India in recent months are some of the world’s best known. They include U.S.-based Private Internet Access and IPVanish, Canada-based TunnelBear, British Virgin Islands-based ExpressVPN, and Lithuania-based Surfshark.

ExpressVPN said it “refuses to participate in the Indian government’s attempts to limit internet freedom.”

The government’s move “severely undermines the online privacy of Indian residents,” Private Internet Access said.

Customers in India will be able to connect to VPN servers in other countries. This is the same approach taken in Russia and China, where operating servers within those countries would require VPN companies to comply with similar legislation.

[…]

Source: Major VPN services shut down in India over anti-privacy law

iOS mobile banking apps put 300,000 digital fingerprints at risk using hardcoded AWS credentials

Massive amounts of private data – including more than 300,000 biometric digital fingerprints used by five mobile banking apps – have been put at risk of theft due to hard-coded Amazon Web Services credentials, according to security researchers.

Symantec’s Threat Hunter Team said it discovered 1,859 publicly available apps, both Android and iOS, containing baked-in AWS credentials. That means if someone were to look inside the apps, they would have found the credentials in the code, and could potentially have used that to access the apps’ backend Amazon-hosted servers and steal users’ data. The vast majority (98 percent) were iOS apps.

In all, 77 percent of these apps contained valid AWS access tokens that allowed access to private AWS cloud services, the intelligence team noted in research published today.

Additionally, almost half (47 percent) contained valid AWS tokens providing full access to sometimes millions of private files via Amazon S3 buckets. These hard-coded AWS access tokens would be easy to extract and exploit, and reflect a serious supply-chain issue, Dick O’Brien, principal editor on Symantec’s Threat Hunter Team, told The Register.

[…]

In one case, a provider of B2B services gave out a mobile SDK to its customers to integrate into their applications. It turned out the SDK contained the provider’s cloud infrastructure keys, which potentially exposed all of its data — including financials, employee information, files on more than 15,000 medium and large-sized companies, and other information — that was stored on the platform.

The SDK had a hard-coded AWS token to access an Amazon-powered translation service. However, that token granted full access to the provider’s backend systems, rather than just the translation tool.

[…]

Source: Mobile banking apps put 300,000 digital fingerprints at risk • The Register
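A pre-release check for the problem described above, as an added example that is not from The Register or Symantec: it opens a built app archive (IPA and APK files are ZIP archives) and flags AWS access key IDs and likely secret keys in any member, with values redacted in the report. The archive contents, file names and the `scan_archive` and `build_sample_ipa` helpers are constructed for illustration; the key pair is the placeholder pair from AWS's documentation.

```python
import io
import re
import zipfile
from dataclasses import dataclass

# AWS access key IDs are 20 characters: "AKIA" (long-term) or "ASIA"
# (temporary) followed by 16 upper-case letters or digits.
KEY_ID_RE = re.compile(rb"(?<![A-Z0-9])(?:AKIA|ASIA)[A-Z0-9]{16}(?![A-Z0-9])")
# Heuristic for the secret half: a stand-alone 40-character base64-style
# value within 40 bytes of the word "secret" (case-insensitive).
SECRET_RE = re.compile(
    rb"(?is)secret.{0,40}?(?<![A-Za-z0-9/+])([A-Za-z0-9/+]{40})(?![A-Za-z0-9/+])"
)
MAX_MEMBER_BYTES = 50 * 1024 * 1024  # assumed limit: skip very large members


@dataclass
class Finding:
    member: str    # path of the file inside the archive
    kind: str      # "access_key_id" or "secret_access_key"
    redacted: str  # first and last four characters only


def redact(value: bytes) -> str:
    text = value.decode("ascii")
    return f"{text[:4]}...{text[-4:]}"


def scan_archive(data: bytes) -> list:
    """Scan every member of a ZIP-based app archive for embedded AWS keys.

    Works on raw bytes, so it sees strings in plists, JSON and compiled
    binaries alike. Strings stored as UTF-16 or obfuscated are not detected.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size > MAX_MEMBER_BYTES:
                continue
            blob = zf.read(info)
            for m in KEY_ID_RE.finditer(blob):
                findings.append(
                    Finding(info.filename, "access_key_id", redact(m.group(0))))
            for m in SECRET_RE.finditer(blob):
                findings.append(
                    Finding(info.filename, "secret_access_key", redact(m.group(1))))
    return findings


# Constructed sample: a config plist carrying the AWS documentation
# placeholder key pair, as a hard-coded SDK configuration would.
AWS_CONFIG_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>AWSAccessKey</key>
  <string>AKIAIOSFODNN7EXAMPLE</string>
  <key>AWSSecretKey</key>
  <string>wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</string>
</dict></plist>
"""


def build_sample_ipa() -> bytes:
    """Build a constructed, in-memory archive laid out like an iOS app."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Payload/Demo.app/Info.plist",
                    b"<plist><dict><key>CFBundleName</key>"
                    b"<string>Demo</string></dict></plist>")
        zf.writestr("Payload/Demo.app/AWSConfig.plist", AWS_CONFIG_PLIST)
        # Stand-in for a compiled binary with a key ID in its string table.
        zf.writestr("Payload/Demo.app/Demo",
                    b"\xcf\xfa\xed\xfe" + b"\x00" * 16
                    + b"accessKey=AKIAIOSFODNN7EXAMPLE\x00region=us-east-1\x00")
    return buf.getvalue()


if __name__ == "__main__":
    results = scan_archive(build_sample_ipa())
    for f in results:
        print(f"{f.member}: {f.kind} {f.redacted}")
    # A non-zero exit lets a build pipeline block the release.
    raise SystemExit(1 if results else 0)
```

A hit means the key should be rotated as well as removed from the build, since earlier releases may already carry it.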

Study reveals flaws in popular genetic method PCA

The most common analytical method within population genetics is deeply flawed, according to a new study from Lund University in Sweden. This may have led to incorrect results and misconceptions about ethnicity and genetic relationships. The method has been used in hundreds of thousands of studies, affecting results within medical genetics and even commercial ancestry tests. The study is published in Scientific Reports.

[…]

The field of paleogenomics, where we want to learn about and individuals such as Copper age Europeans, heavily relies on PCA. PCA is used to create a genetic map that positions the unknown sample alongside known reference samples. Thus far, the unknown samples have been assumed to be related to whichever reference population they overlap or lie closest to on the map.

However, Elhaik discovered that the unknown sample could be made to lie close to virtually any reference population just by changing the numbers and types of the reference samples, generating practically endless historical versions, all mathematically “correct,” but only one may be biologically correct.

In the study, Elhaik has examined the twelve most common population genetic applications of PCA. He has used both simulated and real genetic data to show just how flexible PCA results can be. According to Elhaik, this flexibility means that conclusions based on PCA cannot be trusted since any change to the reference or test samples will produce different results.

Between 32,000 and 216,000 in genetics alone have employed PCA for exploring and visualizing similarities and differences between individuals and populations and based their conclusions on these results.

[…]

More information: Eran Elhaik, Principal Component Analyses (PCA)-based findings in population genetic studies are highly biased and must be reevaluated, Scientific Reports (2022). DOI: 10.1038/s41598-022-14395-4

Journal information: Scientific Reports

Source: Study reveals flaws in popular genetic method

Genshin Impact installs “anti cheat” rootkit signed by Microsoft which is exploited in the wild. Stop allowing spyware rootkits, Microsoft!

An MMORPG with cute anime-style characters and maybe a bit too much inspiration taken from another classic Nintendo franchise, Genshin Impact is a relatively popular game across the PlayStation, iOS, Android, and PC platforms. That last one has already generated a bit of controversy, since the PC version of the game includes an anti-cheat kernel driver that runs in the Windows kernel context, and on initial release that module kept running even after the game was closed.

That anti-cheat driver is back in the news, with Trend Micro discovering a ransomware campaign that includes mhyprot2.sys, the anti-cheat driver, as a component of the infection. The module is known to have vulnerabilities, and is still a signed kernel driver, so the malware campaign loads the driver and uses its functions to disable anti-malware protections.

The rest of the campaign is straightforward. Starting with access to a single domain-connected machine, an attacker uses that foothold to gain access to the domain controller. The malicious script is hosted on shared storage, and PsExec is used to run it on all the domain member machines. The real novelty here is the use of the vulnerable anti-cheat kernel driver as the anti-malware bypass. As far as we can tell, this driver is *still* signed and considered trustworthy by Windows. We join the call to Microsoft, to revoke this vulnerable driver, as it’s now actively being used in ongoing malware campaigns. For more on security, check out our weekly column on the topic,

Source: Genshin Security Impact | Hackaday

FTC Sues Broker Kochava Over Geolocation Data Sales, giving away the data for free for 61m devices

[…] Commissioners voted 4-1 this week to bring a suit against Kochava, Inc., which calls itself the “industry leader for mobile app attribution” and sells mobile geo-location data on hundreds of millions of people. The suit accuses the company of violating the FTC Act, and the agency warns that the company’s business practices could easily be used to unmask the locations of vulnerable individuals—including visitors to reproductive health clinics, homeless and domestic violence shelters, places of worship, and addiction recovery centers.

Kochava, which is based in Idaho, sells “customized data feeds” that can be used to identify and track specific phone users, the FTC said in the suit. Kochava collects this data through a variety of means, then repackages it in large datasets to sell to marketers. The datasets include Mobile Advertising IDs, or MAIDs—the unique identifiers for mobile devices used in targeted advertising—as well as timestamped latitude and longitude coordinates for each device (i.e., the approximate location of the user). The data is ostensibly anonymized, but there are well-known ways to de-anonymize it. The suit claims that Kochava is aware of this, as it has allegedly suggested using its data “to map individual devices to households.”

Subscribing to Kochava’s feeds typically requires a hefty fee, but the FTC says that, until at least June, Kochava also granted interested users free access to a sample of the data. This “free sample” apparently included the location data of about 61 million mobile devices. Authorities say that there were “only minimal steps and no restrictions on usage” of this freely offered information.

[…]

Source: FTC Sues Broker Kochava Over Geolocation Data Sales

South Korea to pardon Samsung’s Lee, other corporate giants

Samsung’s de-facto leader secured a pardon Friday of his conviction for bribing a former president in a corruption scandal that toppled a previous South Korean government, an act of leniency that underscored the tech company’s huge influence in the nation.

Lee Jae-yong’s pardon is partially symbolic since he was released on parole a year ago after serving 18 months of a prison term that would have ended in July, and critics say the billionaire has remained in control of Samsung even while behind bars. Still, the pardon will allow the heir to the electronics juggernaut to fully resume his management duties and could make it easier for the company to pursue investments and mergers.

The Justice Ministry said President Yoon Suk Yeol, who as a prosecutor investigated the corruption scandal involving Lee, will issue the pardon Monday, a national holiday when some 1,700 people are set to receive clemency, including other top business leaders.

Lee, 54, was convicted in 2017 of bribing former President Park Geun-hye and her close confidante to win government support for a merger between two Samsung affiliates that tightened Lee’s control over the corporate empire. Park and the confidante were also convicted in the scandal, which enraged South Koreans, who staged massive protests for months demanding an end to the shady ties between business and politics. The demonstrations eventually led to Park’s ouster from office.

[…]

Lee still faces a separate trial on charges of stock price manipulation and auditing violations related to the 2015 merger.

Among others set to be pardoned is Lotte Group Chairman Shin Dong-bin, who received a suspended prison term in 2018 on similar charges of bribing Park, whom then-President Moon Jae-in pardoned in December. Chang Sae-joo, chairman of Dongkuk Steel Mill, and former STX Group Chairman Kang Duk-soo will also receive clemency.

A coalition of civic groups, including People’s Solidarity for Participatory Democracy, issued a statement criticizing the move to pardon the business leaders, accusing Yoon of cozying up to “chaebol,” referring to the family-owned conglomerates that dominate the country’s economy.

“President Yoon Suk Yeol’s sell-out (to business) sends a signal to chaebol chiefs that they are free to commit all the crimes they want,” the groups said, accusing Yoon of damaging the rule of law.

Former President Park was convicted of a broad range of corruption crimes, including colluding with her longtime confidante, Choi Soon-sil, to take millions of dollars in bribes and extortion from Samsung and other major companies while she was in office.

She faced a prison term of more than two decades before Moon pardoned her in December, citing a need to promote unity in the politically divided nation. Choi remains in jail. Chang, of Dongkuk Steel Mill, was released on parole in 2018 with about six months left on a 3 1/2-year prison term on charges that he embezzled millions of dollars in corporate funds and used some of it to gamble in Las Vegas.

[…]

Han, the justice minister, said that the government did not consider the pardons of any convicted politicians or government employees this time, saying that the focus was on the economy.

[…]

Source: South Korea to pardon Samsung’s Lee, other corporate giants | AP News

One rule for the rich, the law for the rest

Australia fines Google $42.5 million over misleading location settings

Google is being ordered to pay A$60 million ($42.5 million) in penalties to Australia’s competition and national consumer law regulator regarding the collection and use of location data on Android phones.

The financial slap on the wrist relates to a period between January 2017 and December 2018 and follows court action by the Australian Competition and Consumer Commission (ACCC).

According to the regulators, Google misled consumers through the “Location History” setting. Some users were told, according to the ACCC, that the setting “was the only Google account setting that affected whether Google collected, kept and used personally identifiable data about their location.”

It was not. Another setting titled “Web & App Activity” also permitted data to be collected by Google. And it allowed the collection of “personally identifiable location data when it was turned on, and that setting was turned on by default,” the ACCC said.

The “misleading representations,” according to the ACCC, breach Australian consumer law and could have been viewed by the users of 1.3 million Google accounts in Australia. The figure is, however, a best estimate. We’re sure Google doesn’t collect telemetry showing where Android users navigate to either.

Privacy issues aside, the data could also be used by Google to target ads to consumers who thought they’d said no to collection.

Google “took remedial steps” and addressed the issues by December 20, 2018, but the damage was done and the ACCC instituted proceedings in October 2019. In April 2021, the Federal Court found that Google LLC (the US entity) and Google Australia Pty Ltd had breached Australian consumer law.

[…]

Google has come under fire from other quarters regarding the obtaining of customer location data without proper consent. A group of US states sued the search giant earlier this year over “dark patterns” in the user interface to get hold of location information. Then there was the whole creepy Street View Wi-Fi harvesting debacle.

[…]

Source: Australia fines Google over misleading location settings • The Register

Ring surveillance camera footage exploited for “funny clip” show

[…] Ring Nation, a new twist on the popular clip show genre, from MGM Television, Live PD producer Big Fish Entertainment and Ring.

The series, which will launch on September 26, will feature viral videos shared by people from their video doorbells and smart home cameras.

It’s a television take on a genre that has been increasingly going viral on social media.

The series will feature clips such as neighbors saving neighbors, marriage proposals, military reunions and silly animals.

[…]

Source: Wanda Sykes To Host Syndicated Viral Video Show Featuring Ring – Deadline

How this is not a really scary way to try to normalise the constant and low visibility surveillance enacted by these cameras is a puzzle to me. Making it funny that you’re being spied upon from the doors in the streets.

AI laser probe for prostate cancer enters clinical trials

AI software capable of mapping tumor tissue more accurately to help surgeons treat and shrink prostate cancer using a laser-powered needle will soon be tested in real patients during clinical trials.

The National Cancer Institute estimated that approximately 12.6 percent of men will be diagnosed with prostate cancer at some point in their life. The risk for developing the disease rises over time for men over the age of 50. It’s one of the most curable forms of cancer, considering most cases are caught in the early stages due to regular screening tests.

Treatment for prostate cancer varies depending on the severity of the disease. Patients can undergo hormone therapy, chemotherapy, or surgery to remove tissue. Avenda Health, a medical startup founded in 2017, is developing a new type of treatment that is less invasive. The US Food and Drug Administration (FDA) granted an investigational device exemption (IDE) to the company’s invention this week, meaning it can now be used in a clinical study.

Patients will need to have an MRI scan and a targeted fusion biopsy performed first. The data is processed by Avenda’s AI algorithms in its iQuest software to map where the cancerous cells are located within the prostate. Next, the computer vision-aided model will simulate where best to insert FocalPoint, a probe armed with a laser, to help surgeons treat the patient’s tumor. The heat from the laser gently heats the cancerous cells and kills them with the goal of shrinking and removing the whole tumor.

MRI images where cancer is mapped using iQuest software before and after treatment. Image Credit: Avenda Health

“Historically, prostate cancer treatments of surgery or radiation impacts critical structures like the urethra and nerves which control sexual and urinary function,” Avenda’s CEO and co-founder Shyam Natarajan told The Register. “Our focal laser ablation system, FocalPoint, which is powered by our AI-driven cancer margin software, iQuest, specifically targets tumor tissue and avoids healthy tissue. This means patients no longer lose control over these functions that are so common with traditional treatments, so quality of life is significantly improved.”

The treatment is only effective for men diagnosed with intermediate risk of prostate cancer, a classification that describes tumors being confined within the prostate only. Patients are considered high risk in cases where the cancer has spread beyond the prostate.

“This is one of the benefits of the iQuest software. Not only can it map the cancer, but it also provides decision support for the physician as they determine the best course of treatment for an individual patient. Not every patient is going to be eligible for focal therapy, and it is important for the physician to distinguish between good focal therapy candidates and not. iQuest provides useful insights for that decision making process,” Natarajan said.

[…]

Source: AI laser probe for prostate cancer enters clinical trials • The Register

Nuclear Fusion Breakthrough Confirmed: California Team Achieved Ignition

A major breakthrough in nuclear fusion has been confirmed a year after it was achieved at a laboratory in California.

Researchers at Lawrence Livermore National Laboratory’s (LLNL’s) National Ignition Facility (NIF) recorded the first case of ignition on August 8, 2021, the results of which have now been published in three peer-reviewed papers.

Nuclear fusion is the process that powers the Sun and other stars: heavy hydrogen atoms collide with enough force that they fuse together to form a helium atom, releasing large amounts of energy as a by-product. Once the hydrogen plasma “ignites”, the fusion reaction becomes self-sustaining, with the fusions themselves producing enough power to maintain the temperature without external heating.

Ignition during a fusion reaction essentially means that the reaction itself produced enough energy to be self-sustaining, which would be necessary in the use of fusion to generate electricity.

If we could harness this reaction to generate electricity, it would be one of the most efficient and least polluting sources of energy possible. No fossil fuels would be required as the only fuel would be hydrogen, and the only by-product would be helium, which we use in industry and are actually in short supply of.

[…]

In this latest milestone at the LLNL, researchers recorded an energy yield of more than 1.3 megajoules (MJ) during only a few nanoseconds. For reference, one MJ is the kinetic energy of a one tonne mass moving at 100mph.

[…]

In the experiments performed to reach this ignition result, researchers heat and compress a central “hot spot” of deuterium-tritium (hydrogen atoms with one and two neutrons, respectively) fuel using a surrounding dense piston also made from deuterium-tritium, creating a super hot, super pressurized hydrogen plasma.

“Ignition occurs when the heating from absorption of α particles [two protons and two neutrons tightly bound together] created in the fusion process overcomes the loss mechanisms in the system for a duration of time,” said the authors in a paper publishing the results in the journal Physical Review E.

[…]

 

Source: Nuclear Fusion Breakthrough Confirmed: California Team Achieved Ignition

Scientists discover how mosquitoes can ‘sniff out’ humans despite masking scents

[…]

Researchers at the Rockefeller University, in New York, were baffled when mosquitoes were somehow still able to find people to bite after having an entire family of human odour-sensing proteins removed from their genome.

The team then examined odour receptors in the antennae of mosquitoes, which bind to chemicals floating around in the environment and signal to the brain via neurons.

“We assumed that mosquitoes would follow the central dogma of olfaction, which is that only one type of receptor is expressed in each neuron,” said Younger. “Instead, what we’ve seen is that different receptors can respond to different odours in the same neuron.”

This means losing one or more receptors does not affect the ability of mosquitoes to pick up on human smells. This backup system could have evolved as a survival mechanism, the researchers say.

“The mosquito Aedes aegypti is specialised to bite humans, and it is believed that they evolved to do that because humans are always close to fresh water and mosquitoes lay their eggs in fresh water. We are basically the perfect meal, so the drive to find humans is extremely strong,” said Younger.

Ultimately, the researchers say, understanding how the mosquito brain processes human odour could be used to intervene in biting behaviour and reduce the spread of mosquito-borne diseases, such as malaria, dengue and yellow fever.

[…]

Source: Scientists discover how mosquitoes can ‘sniff out’ humans | Animal behaviour | The Guardian

Physical buttons outperform touchscreens in new cars, test finds

The screens in modern cars keep getting bigger. Design teams at most car manufacturers love to ditch physical buttons and switches, although they are far superior safety-wise.

That is the conclusion when Swedish car magazine Vi Bilägare performed a thorough test of the HMI system (Human-Machine Interface) in a total of twelve cars this summer.

Inspiration for the screen-heavy interiors in modern cars comes from smartphones and tablets. Designers want a ”clean” interior with minimal switchgear, and the financial department wants to lower the cost. Instead of developing, manufacturing and keeping physical buttons in stock for years to come, car manufacturers are keen on integrating more functions into a digital screen which can be updated over time.

So in what way have these screens affected safety? Vi Bilägare gathered eleven modern cars from different manufacturers at an airfield and measured the time needed for a driver to perform different simple tasks, such as changing the radio station or adjusting the climate control. At the same time, the car was driven at 110 km/h (68 mph). We also invited an ”old-school” car without a touchscreen, a 17-year-old Volvo V70, for comparison.

One important aspect of this test is that the drivers had time to get to know the cars and their infotainment systems before the test started.

Each moment during the test is timed separately.

No backlighting

Tesla was not the first to introduce a touchscreen, but the American carmaker has always offered bigger touchscreens than most manufacturers, containing more of the car’s features. Even the windshield wipers are controlled through the touchscreen.

BMW iX also offers a touchscreen, but not as big as Tesla’s, and also more physical buttons. But that’s no guarantee for a system which is easy to use. The BMW’s infotainment system has lots of features, but it also has one of the most complex and complicated user interfaces ever designed.

Another sin is committed by Volkswagen and Seat. In order to save money, the touch-sensitive climate controls below the screen in the ID.3 and Leon are not backlit, which makes them completely invisible at night.

Voice control

The carmakers are keen to point out that many features now can be activated by voice. But the voice control systems are not always easy to use, they can’t control every function and they don’t always work as advertised, which is why the voice control systems were not tested in this experiment.

The results speak for themselves. The worst-performing car needs 1,400 meters to perform the same tasks for which the best-performing car only needs 300 meters.

Big differences

  • The easiest car to understand and operate, by a large margin, is the 2005 Volvo V70. The four tasks are handled within ten seconds flat, during which the car is driven 306 meters at 110 km/h.
  • At the other end of the scale, Chinese electric car MG Marvel R performs far worse. The driver needs 44.6 seconds before all the tasks are completed, during which the car has travelled 1,372 meters – more than four times the distance compared to the old Volvo.
  • BMW iX and Seat Leon perform better, but both are still too complicated. The driver needs almost a kilometer to perform the tasks. Lots can happen in traffic during that time.
  • Dacia Sandero and Volvo C40 perform well although they both have touchscreens. However, they are not overloaded with features. Volvo shows that a touchscreen doesn’t need to be complicated.

[…]

The results

| Car | Time to perform four tasks, seconds | Score, 1–5 |
|---|---|---|
| BMW iX | 30.4 | 4.0 |
| Dacia Sandero | 13.5 | 3.75 |
| Hyundai Ioniq 5 | 26.7 | 3.5 |
| Mercedes GLB | 20.2 | 3.25 |
| MG Marvel R | 44.9 | 2.5 |
| Nissan Qashqai | 25.1 | 4.25 |
| Seat Leon | 29.3 | 3.25 |
| Subaru Outback | 19.4 | 4.0 |
| Tesla Model 3 | 23.5 | 3.75 |
| Volkswagen ID.3 | 25.7 | 2.25 |
| Volvo C40 | 13.7 | 3.5 |
| Volvo V70 (2005) | 10.0 | 4.5 |


Source: Physical buttons outperform touchscreens in new cars, test finds | Vi Bilägare

e-HallPass, Which Monitors How Long Kids Are in the Bathroom, Is Now in 1,000 American Schools, normalises surveillance

e-HallPass, a digital system that students have to use to request to leave their classroom and which takes note of how long they’ve been away, including to visit the bathroom, has spread into at least a thousand schools around the United States.

The system has some resemblance to the sort of worker monitoring carried out by Amazon, which tracks how long its staff go to the toilet for, and is used to penalize workers for “time off task.” It also highlights how automated tools have led to increased surveillance of students in schools, and employees in places of work.

“This product is just the latest in a growing number of student surveillance tools—designed to allow school administrators to monitor and control student behavior at scale, on and off campus,”

[…]

increased scrutiny offered by surveillance tools “has been shown to be disproportionately targeted against minorities, recent immigrants, LGBTQ kids,” and other marginalized groups.

[…]

Eduspire, the company that makes e-HallPass, told trade publication EdSurge in March that 1,000 schools use the system. Brian Tvenstrup, president of Eduspire, told the outlet that the company’s biggest obstacle to selling the product “is when a school isn’t culturally ready to make these kinds of changes yet.”

[…]

Admins can then access data collected through the software, and view a live dashboard showing details on all passes. e-HallPass can also stop meet-ups of certain students and limit the amount of passes going to certain locations, the website adds, explicitly mentioning “vandalism and TikTok challenges.” Many of the schools Motherboard identified appear to use e-HallPass specifically on Chromebooks, according to student user guides and similar documents hosted on the schools’ websites, though it also advertises that it can be used to track students on their personal cell phones.

EdSurge reported that some people had taken to Change.org with a petition to remove the “creepy” system from a specific school. Motherboard found over a dozen similar petitions online, including one regarding Independence High School signed nearly 700 times which appears to have been written by a group of students.

[…]

 

Source: A Tool That Monitors How Long Kids Are in the Bathroom Is Now in 1,000 American Schools

FIFA 23 Accidentally Sells For Six Cents, EA Honors The Mistake

FIFA 23 is currently up for preorder around the world, and is supposed to be a full-price retail release, but in one particular market on one particular store, customers could get one hell of a bargain.

Last month, anyone browsing the Epic Games Store in India would have seen that while the standard edition of FIFA 23 cost ₹3,499 (USD$44), the Ultimate Edition, which should have been ₹4,799 (USD$60), was instead listed at ₹4.80.

The error was first discovered in late July
Image: Twitter

That is not a sale price, that is an error, one where the store has clearly put the decimal point in the wrong spot. ₹4.80 works out to be six cents, and as word spread about the savings, users flocked to the store and bought the game. And not just Indian gamers, either; once news got out, fans were sharing across social media ways for players outside the region to set their accounts to the Indian Epic Games Store so they could get in on the error as well.

Now, this kind of thing isn’t exactly rare in the realms of online shopping, but often stores will cancel orders when the discrepancy is this great, so I don’t think too many people would have been expecting to have actually got hold of the more expensive version of FIFA 23 for six cents.

But they have! Via PC Gamer, EA Sports have this week issued a statement saying:

A few weeks back, we scored a pretty spectacular own-goal when we inadvertently offered FIFA 23 pre-purchase on the Epic Games Store at an incorrect price. It was our mistake, and we wanted to let you know that we’ll be honoring all pre-purchases made at that price.

[…]

Source: FIFA 23 Accidentally Sells For Six Cents, EA Honors The Mistake

Twilio SMS service attacker ‘explicitly’ looked for 3 Signal numbers

The security breach at Twilio earlier this month affected at least one high-value customer, Signal, and led to the exposure of the phone number and SMS registration codes for 1,900 users of the encrypted messaging service, it confirmed.

However, Signal – considered one of the better secured of all the encrypted messaging apps – claims the attacker would not have been able to access the message history, contact lists, profile information, or other personal data associated with these user accounts. The non-profit organization said in a security note on its site that it has identified and is notifying the 1,900 users directly, and prompting them to re-register Signal on their devices.

The company had already come under fire for its practice of SMS verification in the past, something which has rebounded in the wake of the disclosure.

According to Signal, Twilio provides SMS verification services for its platform. Twilio provides messaging, call center and two-factor authentication services, among others, to about 256,000 customers altogether – although it said in an earlier incident report about the breach that only 125 of its customers had data “accessed by malicious actors for a limited period of time.”

The news that Signal was one of the 125 has raised questions about the identity of other Twilio customers, especially as the encrypted comms platform is known for its transparency. Others may be less forthcoming.

According to Signal’s security note, when Twilio was hit by a phishing attack earlier this month, this may potentially have led to the phone numbers of 1,900 Signal users being revealed as registered to a Signal account. The encryption app platform added that the users’ SMS verification codes were also exposed.

It appears that during the window of time that the attacker had access to Twilio’s customer support systems, it would have been possible for them to attempt to re-register the phone numbers they had accessed, transferring the Signal account to another device under their own control, using the SMS verification code. It also stresses that the attacker no longer has this access, and that the attack had been shut down by Twilio.

Intriguingly, Signal states that the attacker explicitly searched for three phone numbers among the 1,900 accessed, and the organization has since received a report from one of those three users that their account was indeed re-registered and hijacked.

[…]

Source: Twilio attacker ‘explicitly’ looked for 3 Signal numbers