Touch is essential for hand use. Yet, brain-controlled prosthetic limbs have not been endowed with this critical sense. In a new study by Flesher et al., microelectrode arrays were implanted into the primary somatosensory cortex of a person with spinal cord injury and, by delivering current through the electrodes, generated sensations of touch that were perceived as coming from his own paralyzed hand. These sensations often felt like pressure, could be graded in intensity, and were stable for months. The authors suggest that this approach could be used to convey information about contact location and pressure necessary for prosthetic hands to interact with objects.
Source: Intracortical microstimulation of human somatosensory cortex
The mysterious Investigatory Powers Tribunal, which oversees Blighty’s snoops, has ruled that the bulk collection of personal data — conducted by GCHQ and MI5 between 1998 and 2015 — was illegal.
Responding to a claim brought by Privacy International, the 70-page judgment handed down this morning [PDF] found that the spooks’ surveillance activities had been taking place without adequate safeguards or supervision for over a decade; and as such were in breach of Article 8 of the European Convention on Human Rights.
There are huge risks associated with the use of bulk communications data. It facilitates the almost instantaneous cataloguing of entire populations’ personal data. It is unacceptable that it is only through litigation by a charity that we have learnt the extent of these powers and how they are used.
The public and Parliament deserve an explanation as to why everyone’s data was collected for over a decade without oversight in place and confirmation that unlawfully obtained personal data will be destroyed.
Source: Court finds GCHQ and MI5 engaged in illegal bulk data collection
One win for transparency. Will the UK gov care? Doubt it.
The Breast and Cosmetic Implant Registry (BCIR) is intended to prevent a repeat of the faulty Poly Implant Prothèse (PIP) silicone breast implants scandal in 2010, in which fraudulently manufactured silicone gel implants affected thousands of women.
Its establishment is in response to recommendation 21 in Sir Bruce Keogh’s Review of the Regulation of Cosmetic interventions, which called for a cosmetic implant registry “to provide better monitoring of patient outcomes and device safety”.
The registry is expected to record more than 20,000 cases of implant surgery annually. Reporting of data will be done by the provider, via an online portal.
Source: New UK National silicone database will help avoid boobs
This makes no sense whatsoever to me, but for the life of me I can’t understand what other purpose the UK has in collecting such a specific set of surgery data.
The Dutch Senate has passed the revised Net Neutrality Law as part of an amendment to the country’s Telecommunications Act. The strict new law seeks to ensure that telcos and ISPs treat all internet traffic equally and cannot favour one internet app or service over another. Opponents, however, say the legislation, which was approved by the lower house of parliament in May this year, is overly severe and is out of line with the EU’s own open internet standards.
Afke Schaart, Vice President Europe at mobile industry body the GSMA, commented: ‘We are greatly disappointed with the outcome of today’s vote. We believe that the Dutch Net Neutrality Law goes far beyond the intent of the EU regulation. We therefore call on the European Commission to ensure the harmonised implementation of Europe’s Open Internet rules.’ The GSMA says the tighter laws in the Netherlands will ‘hinder development of innovative services and consumer choice’.
Source: Dutch net neutrality law goes too far say critics
Actually, Afke Schaart, monopolies hinder innovation and consumer choice. It’s a good thing that the NL has used its sovereignty to go beyond the minimum that Brussels proscribes – The EU mandarins have obviously been in touch with too many large companies with money in their pockets, seeking to protect their own lazy positions to have made a good job of the net neutrality laws.
Now yet another massive database leak has been uncovered related to an insecure MongoDB installation, exposing at least 58 million subscriber records.
Twitter user @0x2Taylor posted exfiltrated data on the file sharing site MEGA twice over the weekend, each time resulting in the data being taken down very quickly. The data was then released for a third time on a smaller file sharing website. After analyzing the dataset, we can confirm that nearly 58 million records containing full names, IP addresses, dates of birth, email addresses, vehicle data, and occupations were included in the leak.
Who Is Modern Business Solutions?
Modern Business Solutions (MBS) describes itself as a technology and application service provider specializing in data management and monetization services for data owners. Based in Austin, TX, the firm claims to help “clients build their revenue streams by providing content and services” to a variety of industries including the automotive and employment verticals.
Source: Modern Business Solutions Stumbles Over A Modern Business Problem – 58M Records Dumped From An Unsecured Database
A data management company that can’t configure a database? What a bunch of tits!
Fuzzing involves sending random data at a piece of software to crash it and capturing the conditions at the time of the crash.
libFuzzer attacked individual components of Chrome, sending the random data directly to the API. It’s a coverage-guided fuzzer, meaning it measures “code coverage for every input, and accumulate test cases that increase overall coverage”.
Guided coverage is also what Mountain View wants to offer for the world of open source software.
Described as in an “early stage”, the authors say their current focus is on libFuzzer, with documentation teaching users how to:
Add fuzzing to an open source project:
How to build and run fuzzers into a target source code repo; and
Build and run external fuzzers.
Source: Google offers baseball bat and some chains with which to hit open source software
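An added illustration, not code from the article or from libFuzzer: a toy coverage-guided loop in C showing why keeping the inputs that increase coverage lets a fuzzer reach nested code that blind mutation of a seed does not. The `target` function, its hand-set coverage bits and the "FUZZ" magic value are assumptions made for the example, and mutations are enumerated deterministically so the run is reproducible, whereas libFuzzer mutates randomly.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define INPUT_LEN  4
#define MAX_CORPUS 16

/* Hypothetical target (assumption): only the 4-byte magic "FUZZ" reaches the
 * deepest branch. Each branch sets one coverage bit by hand; libFuzzer gets
 * the same signal from compiler instrumentation (clang -fsanitize=fuzzer). */
static uint32_t target(const uint8_t *d, size_t n)
{
    uint32_t cov = 1u;                      /* bit 0: function entered */
    if (n < INPUT_LEN) return cov;
    if (d[0] != 'F') return cov;
    cov |= 2u;
    if (d[1] != 'U') return cov;
    cov |= 4u;
    if (d[2] != 'Z') return cov;
    cov |= 8u;
    if (d[3] != 'Z') return cov;
    return cov | 16u;                       /* bit 4: deepest branch */
}

static uint8_t  corpus[MAX_CORPUS][INPUT_LEN];
static size_t   corpus_len;
static uint32_t total_cov;

/* Run one input. If it reaches a branch never seen before, record the new
 * coverage and, when keep is set, add the input to the corpus. */
static void run_input(const uint8_t *in, int keep)
{
    uint32_t cov = target(in, INPUT_LEN);
    if ((cov & ~total_cov) == 0) return;    /* nothing new: discard */
    total_cov |= cov;
    if (keep && corpus_len < MAX_CORPUS)
        memcpy(corpus[corpus_len++], in, INPUT_LEN);
}

/* Try every single-byte mutation of every corpus entry. guided != 0: inputs
 * that add coverage join the corpus and are mutated in turn. guided == 0:
 * only the seed is ever mutated (blind fuzzing). The seed must be at least
 * INPUT_LEN bytes long. Returns the final coverage bitmap. */
uint32_t fuzz(const char *seed, int guided)
{
    corpus_len = 0;
    memcpy(corpus[corpus_len++], seed, INPUT_LEN);
    total_cov = target(corpus[0], INPUT_LEN);
    for (size_t i = 0; i < corpus_len; i++)  /* corpus_len grows during the loop */
        for (size_t pos = 0; pos < INPUT_LEN; pos++)
            for (int b = 0; b < 256; b++) {
                uint8_t in[INPUT_LEN];
                memcpy(in, corpus[i], INPUT_LEN);
                in[pos] = (uint8_t)b;
                run_input(in, guided);
            }
    return total_cov;
}

size_t corpus_size(void) { return corpus_len; }

int main(void)
{
    uint32_t blind = fuzz("AAAA", 0);
    size_t blind_n = corpus_size();
    uint32_t guided = fuzz("AAAA", 1);
    printf("blind:  coverage=0x%02x corpus=%zu\n", (unsigned)blind, blind_n);
    printf("guided: coverage=0x%02x corpus=%zu\n", (unsigned)guided, corpus_size());
    return 0;
}
```

The blind run only ever sees the first nested branch, while the guided run builds the corpus AAAA, FAAA, FUAA, FUZA, FUZZ and reaches every branch with the same mutation budget per entry.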
Avtech is the second most popular search term in Shodan. According to Shodan, more than 130,000 Avtech devices are exposed to the internet.
That’s because there are 14 serious unpatched vulnerabilities, which the guide in the link goes through.
If you own one of these cameras, ensure the admin interface is not exposed to the internet and change the default admin password!
Source: Avtech devices multiple vulnerabilities
Online skimming is a new form of card fraud. In November 2015, the first case was reported. Upon investigating, I scanned a sample of 255K online stores globally and found 3501 stores to be skimmed. It is now ten months later. Are the culprits in jail yet? Not quite, here are the numbers of compromised stores:
November 2015: 3501
March 2016: 4476 (+28%)
September 2016: 5925 (+69%)
Victims vary from car makers (Audi ZA) to government (NRSC, Malaysia) to fashion (Converse, Heels.com), to pop stars (Bjork) to NGOs (Science Museum, Washington Cathedral).
At least 159 hacked stores use Magento Enterprise Edition, which is used only by the largest online stores.
754 stores who are skimming today, were already skimming in 2015. Apparently you can skim cards undisturbed for months.
Source: 5900 online stores found skimming [analysis]
There are about 25 court cases throughout the country that have a suspicious profile:
All involve allegedly self-represented plaintiffs, yet they have similar snippets of legalese that suggest a common organization behind them. (A few others, having a slightly different profile, involve actual lawyers.)
All the ostensible defendants ostensibly agreed to injunctions being issued against them, which often leads to a very quick court order (in some cases, less than a week).
Of these 25-odd cases, 15 give the addresses of the defendants — but a private investigator (Giles Miller of Lynx Insights & Investigations) couldn’t find a single one of the ostensible defendants at the ostensible address.
Now, you might ask, what’s the point of suing a fake defendant (to the extent that some of these defendants are indeed fake)? How can anyone get any real money from a fake defendant? How can anyone order a fake defendant to obey a real injunction?
The answer is that Google and various other Internet platforms have a policy: They won’t take down material (or, in Google’s case, remove it from Google indexes) just because someone says it’s defamatory. Understandable — why would these companies want to adjudicate such factual disputes? But if they see a court order that declares that some material is defamatory, they tend to take down or deindex the material, relying on the court’s decision.
Yet the trouble is that these Internet platforms can’t really know if the injunction was issued against the actual author of the supposed defamation — or against a real person at all.
Source: Dozens of suspicious court cases, with missing defendants, aim at getting web pages taken down or deindexed – The Washington Post
A new strain of malware has been discovered by Kaspersky Labs, named ‘StrongPity,’ which targets users looking for two legitimate computer programs, WinRAR and TrueCrypt. WinRAR is a file archiver utility for Windows, which compresses and extracts files, while the latter is a discontinued encryption tool.
The malware contains components that not only have the ability to give attackers complete control on the victim’s computer, but also steal disk contents and download other software that the cybercriminals need. It was found that users in Italy and Belgium were affected the most, but there were also records found in Turkey, North Africa, and the Middle East.
To be able to gather victims, the attackers have built special fake websites that supposedly host the two programs. One instance that was discovered by the researchers is that the criminals transposed two letters in a domain name, in order to fool the potential victim into thinking that the program was a legitimate WinRAR installer website.
Source: ‘StrongPity’ malware infects users through illegitimate WinRAR and TrueCrypt installers
Ministers have been barred from wearing Apple Watches during Cabinet meetings amid concerns that they could be hacked by Russian spies, The Telegraph has learned.
Under David Cameron, several cabinet ministers wore the smart watches, including Michael Gove, the former Justice Secretary.
However, under Theresa May ministers have been barred from wearing them amid concerns that they could be used by hackers as listening devices.
Mobile phones have already been barred from the Cabinet because of similar concerns.
One source said: “The Russians are trying to hack everything.”
Source: Apple Watches banned from Cabinet after ministers warned devices could be vulnerable to hacking
Sexual activity before competition has been considered as a possible cause for reduced performance since ancient Greece and Rome. Recently, the hypothesis that optimal sport performance could be influenced by a variety of factors including sexual activity before competition has been investigated. However, few scientific data are available, with the exception of anecdotal reports of individual experiences.
The present evidence suggests that sexual activity the day before competition does not exert any negative impact on performance, even though high-quality, randomized controlled studies are urgently needed.
Source: Sexual Activity before Sports Competition: A Systematic Review
Religion in the United States is worth $1.2tn a year, making it equivalent to the 15th largest national economy in the world, according to a study.
The faith economy has a higher value than the combined revenues of the top 10 technology companies in the US, including Apple, Amazon and Google, says the analysis from Georgetown University in Washington DC.
The Socioeconomic Contributions of Religion to American Society: An Empirical Analysis calculated the $1.2tn figure by estimating the value of religious institutions, including healthcare facilities, schools, daycare and charities; media; businesses with faith backgrounds; the kosher and halal food markets; social and philanthropic programmes; and staff and overheads for congregations.
Co-author Brian Grim said it was a conservative estimate. More than 344,000 congregations across the US collectively employ hundreds of thousands of staff and buy billions of dollars worth of goods and services.
More than 150 million Americans, almost half the population, are members of faith congregations, according to the report. Although numbers are declining, the sums spent by religious organisations on social programmes have tripled in the past 15 years, to $9bn.
Twenty of the top 50 charities in the US are faith-based, with a combined operating revenue of $45.3bn.
Source: Religion in US ‘worth more than Google and Apple combined’ | World news | The Guardian
Android-x86 Open Source Project
Source: ReleaseNote 6.0-r1 – Android-x86 – Porting Android to x86
Wow, open source Android?
Chinese hackers have attacked Tesla electric cars from afar, using exploits that can activate brakes, unlock doors, and fold mirrors from up to 20 kilometres (12 miles) away while the cars are in motion.
Keen Security Lab senior researchers Sen Nie, Ling Liu, and Wen Lu, along with director Samuel Lv, demonstrated the hacks against a Tesla Model S P85 and 75D and say their efforts will work on multiple Tesla models.
The Shanghai, China-based hacking firm has withheld details of the world-first zero day attacks and privately disclosed the flaws to Tesla.
The firm worked on the attack for several months, eventually gaining access to the motor that moves the driver’s seat, turning on indicators, opening the car’s sunroof and activating window wipers.
Keen Security Lab’s attacks also appear to compromise the touch screen that controls many of a Tesla’s functions.
“We are able to fold the side mirrors when drivers are changing lanes,” Nie says in the demonstration.
“All attacks are contactless without physically modifying the car.”
Source: Hackers hijack Tesla Model S from afar, while the cars are moving
In the latest exchange between Mobileye and Tesla, however, the chip company has accused Tesla of lying. “The allegations recently attributed to a spokesperson for Tesla … are incorrect and can be refuted by the facts,” Mobileye said in a statement.
Tesla was “pushing the envelope in terms of safety,” the company’s chairman and CTO Amnon Shashua said in an interview with Reuters on Wednesday. “It [the autopilot system] is not designed to cover all possible crash situations in a safe manner … It is a driver assistance system and not a driverless system,” he said.
While the assisted-driving technology is undoubtedly impressive, Mobileye says it was very unhappy when Tesla started suggesting it would allow customers to drive their car hands-free. Brown was thought to be watching a movie when the crash happened.
“It has long been Mobileye’s position that Tesla’s Autopilot should not be allowed to operate hands-free without proper and substantial technological restrictions and limitations,” said the company’s most recent statement, adding: “In communications dating back to May 2015 between Mobileye Chairman and Tesla’s CEO, Mobileye expressed safety concerns regarding the use of Autopilot hands-free.”
Mobileye claims that after the crash, it had a face-to-face meeting with Musk in which he promised that the autopilot would be “hands on.” But then Musk reneged on the agreement, it says, and offered a hands-free activation mode.
Source: Is Tesla telling us the truth over autopilot spat?
Sounds pretty typical of Elon Musk
The answer is simpler than you might think: The defense of an innocent, learning disabled, 15-year-old girl. In the criminal complaint, she’s called “Patient A,” but to me, she has a name, Justina Pelletier. Boston Children’s Hospital disagreed with her diagnosis. They said her symptoms were psychological. They made misleading statements on an affidavit, went to court, and had Justina’s parents stripped of custody. They stopped her painkillers, leaving her in agony. They stopped her heart medication, leaving her tachycardic. They said she was a danger to herself, and locked her in a psych ward. They said her family was part of the problem, so they limited, monitored, and censored her contact with them. Justina resorted to sneaking notes, hidden in origami, to tell her family what she wasn’t allowed to say around eavesdroppers. Hospital staff pushed her to do things she was physically incapable of, due to the physical condition they refused to acknowledge she has. They laughed at her as she struggled futilely. They left her on a toilet for hours when she couldn’t void her bowels. They left her secluded in a bare room, or alone in the hallway, sometimes for days when she couldn’t wheel herself elsewhere.
Source: Why I Knocked Boston Children’s Hospital Off The Internet: A Statement From Martin Gottesfeld | Huffington Post
A Medical horror story
You used to be able to use synergy, but that has become non-free.
Now you have the following two free alternatives:
Input Director enables the control of multiple Windows systems using the keyboard/mouse attached to one computer
Switch control between systems either by hotkey or by moving the cursor off the screen edge on one computer for it to appear on the next one
Input Director supports a shared clipboard – copy on one computer, switch control, and paste
Input Director is compatible with Windows 10, Windows 8/8.1, Windows 7, Windows 2008, Windows Vista, Windows 2003 and Windows XP(SP2). The systems must be networked.
it allows you to reach across your PC’s as if they were part of one single desktop… I can move files between the 2 computers simply by dragging them from one desktop to another. In fact you can control up to four computers from a single mouse and keyboard with no extra hardware needed
Mouse without Borders
Qubes is a security-oriented, open-source operating system for personal computers.
Qubes takes an approach called security by compartmentalization, which allows you to compartmentalize the various parts of your digital life into securely isolated compartments called qubes.
This approach allows you to keep the different things you do on your computer securely separated from each other in isolated qubes so that one qube getting compromised won’t affect the others. For example, you might have one qube for visiting untrusted websites and a different qube for doing online banking. This way, if your untrusted browsing qube gets compromised by a malware-laden website, your online banking activities won’t be at risk. Similarly, if you’re concerned about malicious email attachments, Qubes can make it so that every attachment gets opened in its own single-use disposable qube. In this way, Qubes allows you to do everything on the same physical computer without having to worry about a single successful cyberattack taking down your entire digital life in one fell swoop.
Source: Qubes OS Project
It runs lightweight Virtual Machines for your processes (Qubes) which isolate them, making sure they don’t infect other parts of your machines.
Whonix is a desktop operating system designed for advanced security and privacy. It realistically addresses attacks while maintaining usability. It makes online anonymity possible via fail-safe, automatic, and desktop-wide use of the Tor network. A heavily reconfigured Debian base is run inside multiple virtual machines, providing a substantial layer of protection from malware and IP leaks. Pre-installed applications, pre-configured with safe defaults are ready for use. Additionally, installing custom applications or personalizing the desktop will in no way jeopardize the user. Whonix is the only actively developed OS designed to be run inside a VM and paired with Tor.
This safeguards your privacy by running on 2 VMs in your OS, so it can’t know much about what your computer is doing.
Then there is Tails, which has the advantage that it runs off a USB stick. This does, however, mean that every time you restart, everything resets. This ensures the base package stays clean, but updates to software or personal documents cannot be part of your Tails.
A popular antibiotic called rifampicin, used to treat tuberculosis, leprosy, and Legionnaire’s disease, is becoming less effective as the bacteria that cause the diseases develop more resistance.
“Antibiotic resistance is one of the major problems in modern medicine,” said Abdelwahab. “Our studies have shown how this enzyme deactivates rifampicin. We now have a blueprint to inhibit this enzyme and prevent antibiotic resistance.”
Rifampicin, also known as Rifampin, has been used to treat bacterial infections for more than 40 years. It works by preventing the bacteria from making RNA, a step necessary for growth.
The enzyme, Rifampicin monooxygenase, is a flavoenzyme—a family of enzymes that catalyze chemical reactions that are essential for microbial survival. These latest findings represent the first detailed biochemical characterization of a flavoenzyme involved in antibiotic resistance, according to the authors.
Source: Team unravels mystery of bacteria’s antibiotic resistance
It had been three months since Roman Mazurenko, Kuyda’s closest friend, had died. Kuyda had spent that time gathering up his old text messages, setting aside the ones that felt too personal, and feeding the rest into a neural network built by developers at her artificial intelligence startup. She had struggled with whether she was doing the right thing by bringing him back this way. At times it had even given her nightmares. But ever since Mazurenko’s death, Kuyda had wanted one more chance to speak with him.
Source: Speak, Memory
The article goes into quite a few existential questions about what this kind of a memorial means for the bereaved, but from a technical standpoint it sounds very interesting.
In this case, Apple claimed that Samsung infringed patents for the slide-to-unlock feature, autocorrect and a way to detect phone numbers so they can be tapped to make phone calls. The bulk of the award, $98.7 million, was for the detection patent that the earlier panel said wasn’t infringed. The February decision also said the other two patents were invalid.
Source: Apple Wins Appeal Reinstating $119.6 Million Samsung Verdict
Really? Slide to unlock, autocorrect and detecting phone numbers?
The Russian government “directed the recent compromises of emails from US persons and institutions,” the US Department of Homeland Security and the Office of the Director of National Intelligence said on Friday, an accusation that gives formal recognition to a claim previously voiced through unnamed sources.
In late July, The New York Times reported that federal officials briefed on the views of American intelligence agencies had “high confidence” that the Russian government was behind the theft of email and other documents from the Democratic National Committee.
Source: US govt straight up accuses Russia of hacking prez election
The agency, Hallman said, has significantly improved its “anticipatory intelligence,” using a mesh of sophisticated algorithms and analytics against complex systems to better predict the flow of everything from illicit cash to extremists around the globe. Deep learning and other forms of machine learning can help analysts understand how seemingly disparate data sets might be linked or lend themselves to predicting future events with national security ramifications. While intelligence analysts have access to CIA’s own classified data stores to sift through, they’re also increasingly turning to open data sets, which Brennan has said this summer have turned into a “tremendous advantage” for the agency. “We have, in some instances, been able to improve our forecast to the point of being able to anticipate the development of social unrest and societal instability some I think as near as three to five days out,” said Hallman, speaking Tuesday at The Next Tech event hosted by Government Executive and Nextgov.
Source: CIA Can Anticipate Social Unrest ‘Three to Five Days’ Out in Some Cases – Nextgov.com