AI

Many Machine Learning Studies Don't Actually Show Anything Meaningful, But They Spread Fear, Uncertainty, and Doubt (theoutline.com) 97

Michael Byrne, writing for the Outline: Here's what you need to know about every way-cool and-or way-creepy machine learning study that has ever been or will ever be published: Anything that can be represented in some fashion by patterns within data -- any abstract-able thing that exists in the objective world, from online restaurant reviews to geopolitics -- can be "predicted" by machine learning models given sufficient historical data. At the heart of nearly every foaming news article starting with the words "AI knows ..." is some machine learning paper exploiting this basic realization. "AI knows if you have skin cancer." "AI beats doctors at predicting heart attacks." "AI predicts future crime." "AI knows how many calories are in that cookie." There is no real magic behind these findings. The findings themselves are often taken as profound simply for having way-cool concepts like deep learning and artificial intelligence and neural networks attached to them, rather than because they are offering some great insight or utility -- which most of the time, they are not.
Power

Tesla Temporarily Boosts Battery Capacity For Hurricane Irma (sfgate.com) 328

Slashdot reader mikeebbbd noticed this in the AP's Florida hurricane coverage: Electric car maker Tesla says it has temporarily increased the battery capacity of some of its cars to help drivers escaping Hurricane Irma. The electric car maker said the battery boost was applied to Model S and X cars in the Southeast. Some drivers only buy 60 or 70 kilowatt hours of battery capacity, but a software change will give them access to 75 kilowatt hours of battery life until Saturday. Depending on the model, that could let drivers travel about 40 more miles before they would need to recharge their cars.

Tesla said it made the change after a customer asked the company for help evacuating. The company said it's possible it will make similar changes in response to similar events in the future.

Businesses

After Public Outcry From Customers, Britain's Biggest Bank HSBC Heads Off Complaints Over Small Business Account Closures (theguardian.com) 62

Julia Kollewe writing for The Guardian: HSBC has rushed to head off complaints from small businesses that found the bank had frozen or closed down their accounts as part of a crackdown on financial crime. Hundreds of small firms are thought to be affected, whose businesses range from an avocado importer to marketing and design companies. Britain's biggest bank, which has faced accusations of reacting slowly to the debacle, said that after becoming aware of problems in the past week, it was putting extra staff on its helpline and speeding up the process for dealing with complaints. It said staff were reducing the amount of time to unfreeze an account once a review had been completed. Earlier on Monday, Richard Davey, an HTML5 game developer and creator of Phaser, shared his ordeal dealing with HSBC, which had suspended transactions from his accounts without much explanation. It was only after thousands of users brought it to the company's attention on social media that the company fixed Davey's account, he said.
Android

Tech Firms Team Up To Take Down 'WireX' Android DDoS Botnet (krebsonsecurity.com) 29

An anonymous reader quotes a report from Krebs On Security: A half dozen technology and security companies -- some of them competitors -- issued the exact same press release today. This unusual level of cross-industry collaboration caps a successful effort to dismantle "WireX," an extraordinary new crime machine comprising tens of thousands of hacked Android mobile devices that was used this month to launch a series of massive cyber attacks. Experts involved in the takedown warn that WireX marks the emergence of a new class of attack tools that are more challenging to defend against and thus require broader industry cooperation to defeat. News of WireX's emergence first surfaced August 2, 2017, when a modest collection of hacked Android devices was first spotted conducting some fairly small online attacks. Less than two weeks later, however, the number of infected Android devices enslaved by WireX had ballooned to the tens of thousands. Experts tracking the attacks soon zeroed in on the malware that powers WireX: Approximately 300 different mobile apps scattered across Google's Play store that were mimicking seemingly innocuous programs, including video players, ringtones or simple tools such as file managers.

Experts involved in the takedown say it's not clear exactly how many Android devices may have been infected with WireX, in part because only a fraction of the overall infected systems were able to attack a target at any given time. Devices that were powered off would not attack, but those that were turned on with the device's screen locked could still carry on attacks in the background, they found. The identical press release that Akamai and other firms involved in the WireX takedown agreed to publish says the botnet infected a minimum of 70,000 Android systems, but Seaman says that figure is conservative.

News

We Can't Stop Checking the News Either. Welcome to the New FOMO (wired.com) 111

An anonymous reader shares an article: Countless studies have shown that social-driven FOMO (fear of missing out) stems from a person's primitive desire to belong to a group, with each snap, tweet, or post a reminder of what separates you from them. This other type of FOMO, the all-news, all-the-time kind, is new enough that nobody has really studied it much, yet of the half-dozen experts in sociology, anthropology, economics, and neurology I spoke to, all quickly recognized what I was describing, and some even admitted to feeling it themselves. "We scroll through our Twitter feeds, not seeking anything specific, just monitoring them so we don't miss out on anything important," says Shyam Sundar, a communications researcher at Pennsylvania State University. This impulse could stem from the chemical hits our brains receive with each news hit, but it could also derive from a primitive behavioral instinct -- surveillance gratification-seeking, or the urge that drove our cave-dwelling ancestors to poke their heads out and check for predators. In times of perceived crisis, our brains cry out for information to help us survive. Maybe this alarm stems from steady hits of @realDonaldTrump. Maybe it's triggered by left-wing Resistance types. Or could it be #FakeNews, ISIS, guns, police violence, or street crime, all propagated through our social media bubbles with headlines that are written specifically to grab our attention? This feels like a processing problem. "One thing we learn about human beings: We're meaning-making machines," Kross says. And social mania may be ideal for mainlining breaking news, but it's not great at providing meaning and context.
Security

UK.gov To Treat Online Abuse as Seriously as Hate Crime in Real Life (theregister.co.uk) 307

The UK's Crown Prosecution Service has pledged to tackle online abuse with the same seriousness as it does hate crimes committed in the flesh. From a report: Following public concern about the increasing amount of racist, anti-religious, homophobic and transphobic attacks on social media, the CPS has today published a new set of policy documents on hate crime. This includes revised legal guidance for prosecutors on how they should make decisions on criminal charges and handle cases in court. The rules officially put online abuse on the same level as offline hate crimes -- defined as an action motivated by hostility or prejudice -- like shouting abuse at someone face-to-face. They commit the CPS to prosecuting complaints about online material "with the same robust and proactive approach used with online offending." Prosecutors are told to consider the effect on the wider community and whether to identify both the originators and the "amplifiers or disseminators."
Crime

FBI Accepts New Evidence in 46-Year-Old D.B. Cooper Case (dailymail.co.uk) 123

An anonymous reader quotes the Daily Mail: The FBI is looking at an 'odd bit of buried foam' as possible evidence in the cold case investigation into criminal mastermind D.B. Cooper, according to private investigators. The potential evidence was handed over to authorities last week by the team of sleuths who believe the foam made up a part of Cooper's parachute backpack, the New York Daily News reports. Cooper, one of the 20th century's most compelling masterminds, hijacked a Boeing 727 at Seattle-Tacoma airport in 1971 and held its crew and passengers hostage with a bomb. Once his demand of $200,000 cash -- the equivalent of $1,213,226 today -- was reached and transferred onto the plane, Cooper had the crew take off before he parachuted out over the dense Pacific Northwest woods and disappeared.

The discovery of the foam comes just weeks after the FBI uncovered what is believed to be part of Cooper's parachute strap, which private investigators claim could lead authorities to his stolen fortune. In addition, the FBI also received three 'unknown' pieces of fabric that were found close to where the alleged parachute strap was located.

The 40-member cold case team is being overseen by a former FBI supervisor. At one point they essentially crowdsourced the investigation by requesting help from the general public, and the team now says they've found a credible source -- providing information substantiated by FBI field notes -- which has led them to this new evidence.
Databases

Google and ProPublica Team Up To Build a National Hate Crime Database (techcrunch.com) 310

In partnership with ProPublica, Google News Lab is launching a new tool to track hate crimes across America. The "Documenting Hate News Index" is being powered by machine learning to track reported hate crimes across all 50 states, collecting data from February 2017 onward. TechCrunch reports: Data visualization studio Pitch Interactive helped craft the index, which collects Google News results and filters them through Google's natural language analysis to extract geographic and contextual information. Because they are not catalogued in any kind of formal national database, a fact that inspired the creation of the index to begin with, Google calls the project a "starting point" for the documentation and study of hate crimes. While the FBI is legally required to document hate crimes at the federal level, state and local authorities often fail to report their own incidents, making the data incomplete at best.

The initiative is a data-rich new arm of the Documenting Hate project which collects and verifies hate incidents reported by both individual contributors and by news organizations. The Hate News Index will keep an eye out for false positives (casual uses of the word "hate" for example), striking a responsible balance between machine learning and human curation on a very sensitive subject. Hate events will be mapped onto a calendar in the user interface, though users can also use a keyword search or browse through algorithmic suggestions. For anyone who'd like to take the data in a new direction, Google will open sourced its data set, making it available through GitHub.

Bitcoin

Australia Joins China and Japan in Trying To Regulate Digital Currency Exchanges (cnbc.com) 63

Following moves by China and Japan to regulate digital currencies, Australia is attempting to crackdown on money laundering and terrorism financing with plans to regulate bitcoin exchanges. From a report: "The threat of serious financial crime is constantly evolving, as new technologies emerge and criminals seek to nefariously exploit them. These measures ensure there is nowhere for criminals to hide," said Australia's Minister for Justice Michael Keenan in a press release. The Australian government proposed a set of reforms on Thursday which will close a gap in regulation and bring digital currency exchange providers under the remit of the Australian Transactions and Reporting Analysis Centre. These exchanges serve as marketplaces where traders can buy and sell digital currencies, such as bitcoin, using fiat currencies, such as the dollar. The reform bill is intended to strengthen the Anti-Money Laundering and Counter-Terrorism Financing Act and increase the powers of AUSTRAC.
Social Networks

Thai Activist Jailed For the Crime of Sharing an Article on Facebook (eff.org) 120

An anonymous reader shares a report: Thai activist Jatuphat "Pai" Boonpattaraksa was sentenced this week to two and a half years in prison -- for the crime of sharing a BBC article on Facebook. The Thai-language article profiled Thailand's new king and, while thousands of users shared it, only Jutaphat was found to violate Thailand's strict lese majeste laws against insulting, defaming, or threatening the monarchy. The sentence comes after Jatuphat has already spent eight months in detention without bail. During this time, Jatuphat has fought additional charges for violating the Thai military junta's ban on political gatherings and for other activism with Dao Din, an anti-coup group. While in trial in military court, Jatuphat also accepted the Gwangzu Prize for Human Rights. When he was arrested last December, Jatuphat was the first person to be charged with lese majeste since the former King Bhumibol passed away and his son Vajiralongkorn took the throne. (He was not, however, the first to receive a sentence -- this past June saw one of the harshest rulings to date, with one man waiting over a year in jail to be sentenced to 35 years for Facebook posts critical of the royal family.) The conviction, which appears to have singled Jatuphat out among thousands of other Facebook users who shared the article, sends a strong message to other activists and netizens: overbroad laws like lese majeste can and will be used to target those who oppose military rule in Thailand.
The Courts

Researcher Who Stopped WannaCry Pleads Not Guilty to Creating Banking Malware (vice.com) 71

Lorenzo Franceschi-Bicchierai, reporting for Motherboard: Monday, the well-known security researcher who became famous after helping to stop the destructive WannaCry ransomware outbreak pleaded "not guilty" to creating software that would later become banking malware. Marcus Hutchins -- better known by his online nickname MalwareTech -- was arrested in early August in Las Vegas after the hacking conference Def Con. The US government accuses Hutchins of writing software in 2014 that would later become the banking malware Kronos. After getting out on bail and traveling to Milwaukee, he stood in front a judge on Monday for his arraignment. Prosecutors also allege he helped a still unknown co-defendant market and sell Kronos. Hutchins's lawyer Brian Klein declared in a packed courtroom in Milwaukee that Hutchins was "not guilty" of six charges related to the alleged creation and distribution of malware. Hutchins will be allowed to travel to Los Angeles, where he will live while he awaits trial. He will also be represented by Marcia Hoffman, formerly of the Electronic Frontier Foundation. Under the terms of his release, Hutchins will be tracked by GPS but will be allowed full internet access so he can continue to work as a security researcher; the only restriction is he will no longer be allowed to access the WannaCry "sinkhole" he used to stop the outbreak of ransomware.
China

China's VPN Developers Face Crackdown (bbc.com) 55

China recently launched a crackdown on the use of software which allows users to get around its heavy internet censorship. Now as the BBC reports, developers are facing growing pressure. From the report: The three plain-clothes policemen tracked him down using a web address. They came to his house and demanded to see his computer. They told him to take down the app he was selling on Apple's App Store, and filmed it as it was happening. His crime was to develop and sell a piece of software that allows people to get round the tough restrictions that limit access to the internet in China. A virtual private network (VPN) uses servers abroad to provide a secure link to the internet. It's essential in China if you want to access parts of the outside world like Facebook, Gmail or YouTube, all of which are blocked on the mainland. "They insisted they needed to see my computer," the software developer, who didn't want us to use his name, told us during a phone interview. "I said this is my private stuff. How can you search as you please?" No warrant was produced and when he asked them what law he had violated they didn't say. Initially he refused to co-operate but, fearing detention, he relented. Then they told him what they wanted: "If you take the app off the shelf from Apple's App Store then this will be all over." 'Sorry, I can't help you with that'. Up until a few months ago his was a legal business. Then the government changed the regulations. VPN sellers need a licence now.
Canada

An Image Site Is Victimizing Countless Women and Little Can Be Done (vice.com) 273

Allison Tierney, reporting for Vice: An international anonymous photo-sharing site where people post explicit photos without consent is playing host to the victimization of countless women. In the Canadian section of Anon-IB alone, there are currently over a hundred threads -- often organized by region, city, or calling out for nudes of a specific woman to be posted publicly. "Hamilton hoes," "Nanaimo Thread!," and "Markham wins" are some titles of Canadian threads. (Language used on the site equates the word "win" with sexually explicit photos of women.) Many major Canadian cities are represented on the site, and some threads even focus on women from specific schools. While it's a crime to share an "intimate image" of a person without their consent in Canada, sites that host this kind of activity don't necessarily fall under this. "[In terms of organizing content], is it criminal? No. Is it illegal? No," Toronto-based lawyer Jordan Donich, of Donich Law, told VICE. "It's a newer version of an older problem -- sites like these have been around for a long time." Anon-IB is not a new site; its current domain was registered to a "private person" in 2015 and ends in an ".ru." However, the site was initially up several years before 2015, going offline briefly in 2014.
Australia

Buggy Software Made Us Miss Money Laundering Scam, Says Australian Bank (theregister.co.uk) 57

An anonymous reader shares a report: Australia's Commonwealth Bank has blamed a software update for a money laundering scam that saw criminals send over AU$70m (US$55m) offshore after depositing cash into automatic teller machines. News of the Bank's involvement in the laundering scam broke last week, when Australia's financial intelligence agency AUSTRAC announced that it had found over 53,500 occasions on which the Bank failed to submit reports on transactions over $10,000. All transactions of that value are reportable in Australia, as part of efforts to crimp the black economy, crime and funding of terrorism. The news was not a good look for the Bank (CBA), because most of the cash was deposited into accounts established with fake drivers licences. Worse still is that each failure of this type can attract a fine of AU$18m, leaving CBA open to a sanction that would kill it off. Today the bank has explained the reason for its failure: "a coding error" that saw the ATMs fail to create reports of $10,000+ transactions. The error was introduced in a May 2012 update designed to address other matters, but not repaired until September 2015.
Security

The Kronos Indictment: Is it a Crime To Create and Sell Malware? (washingtonpost.com) 199

Marcus Hutchins, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak in its tracks by discovering a hidden "kill switch" for the malware, was arrested by the FBI over his alleged involvement in separate malicious software targeting bank accounts. According to an indictment released by the US Department of Justice on Thursday, Hutchins is accused of having helped to create, spread and maintain the banking trojan Kronos between 2014 and 2015. Hutchins, who is indicted with another unnamed co-defendant, stands accused of six counts of hacking-related crimes as a result of his alleged involvement with Kronos. A preliminary analysis of those counts suggest that the government will face significant legal challenges. Orin Kerr, the Fred C. Stevenson Research Professor at The George Washington University Law School, writes: The indictment asserts that Hutchins created the malware and an unnamed co-conspirator took the lead in selling it. The indictment charges a slew of different crimes for that: (1) conspiracy to violate the Computer Fraud and Abuse Act; (2) three counts of violating 18 U.S.C. 2512, which prohibits selling and advertising wiretapping devices; (3) a count of wiretapping; and (4) a count of violating the Computer Fraud and Abuse Act through accomplice liability -- basically, aiding and abetting a hacking crime. Do the charges hold up? Just based on a first look at the case, my sense is that the government's theory of the case is fairly aggressive. It will lead to some significant legal challenges. It's hard to say, at this point, how those challenges will play out. The indictment is pretty bare-bones, and we don't have all the facts or even what the government thinks are the facts.
Crime

Man Used DDoS Attacks On Media To Extort Them To Remove Stories (itwire.com) 34

New submitter troublemaker_23 shares a report from iTWire: A 32-year-old man from Seattle who was arrested for mounting a series of distributed denial of service attacks on businesses in Australia, the U.S. and Canada, wanted articles about himself removed from various news sites, including Fairfax Media. According to an FBI chargesheet filed in the U.S. District Court for the Northern District of Texas (Dallas Division), Kamyar Jahanrakhshan tried to get articles removed from the Sydney Morning Herald, a site for legal articles known as Leagle.com, Metronews.ca, a Canadian news website, CBC in Canada and Canada.ca. The chargesheet, filed by FBI special agent Matthew Dosher, said Jahanrakhshan migrated to the U.S. in 1991 and took U.S. citizenship; he then moved to Canada about four years later and became a permanent resident there. He had a conviction for second degree theft in Washington state in 2005 and this was vacated in August 2011; he also had a 2011 conviction for fraud and obstruction in Canada. In each case, Jahanrakhshan, who was deported back to the U.S. as a result of the Canada crime, launched DDoS attacks on the news websites and then contacted them. Further reading: Ars Technica
Businesses

LinkedIn Says It's Illegal To Scrape Its Website Without Permission (arstechnica.com) 167

A small company called hiQ is locked in a high-stakes battle over web scraping with LinkedIn. It's a fight that could determine whether an anti-hacking law can be used to curtail the use of scraping tools across the web. From a report: HiQ scrapes data about thousands of employees from public LinkedIn profiles, then packages the data for sale to employers worried about their employees quitting. LinkedIn, which was acquired by Microsoft last year, sent hiQ a cease-and-desist letter warning that this scraping violated the Computer Fraud and Abuse Act, the controversial 1986 law that makes computer hacking a crime. HiQ sued, asking courts to rule that its activities did not, in fact, violate the CFAA. James Grimmelmann, a professor at Cornell Law School, told Ars that the stakes here go well beyond the fate of one little-known company. "Lots of businesses are built on connecting data from a lot of sources," Grimmelmann said. He argued that scraping is a key way that companies bootstrap themselves into "having the scale to do something interesting with that data." [...] But the law may be on the side of LinkedIn -- especially in Northern California, where the case is being heard. In a 2016 ruling, the 9th Circuit Court of Appeals, which has jurisdiction over California, found that a startup called Power Ventures had violated the CFAA when it continued accessing Facebook's servers despite a cease-and-desist letter from Facebook.
The Internet

It Is Easy To Expose Users' Secret Web Habits, Say Researchers (bbc.com) 95

An anonymous reader shares a BBC report: Two German researchers say they have exposed the porn-browsing habits of a judge, a cyber-crime investigation and the drug preferences of a politician. The pair obtained huge amounts of information about the browsing habits of three million German citizens from companies that gather "clickstreams." These are detailed records of everywhere that people go online. The researchers argue such data -- which some firms scoop up and use to target ads -- should be protected. The data is supposed to be anonymised, but analysis showed it could easily be tied to individuals. People's browsing history is often used to tailor marketing campaigns. The results of the research by Svea Eckert and Andreas Dewes were revealed at the Def Con hacking conference in Las Vegas this weekend. The pair found that 95% of the data they obtained came from 10 popular browser extensions. "What these companies are doing is illegal in Europe but they do not care," said Ms Eckert, adding that the research had kicked off a debate in Germany about how to curb the data gathering habits of the firms.
Cellphones

Do Kill Switches Deter Cellphone Theft? (arstechnica.com) 97

evolutionary shares an article from Ars Technica: San Francisco's district attorney says that a California state law mandating "theft-deterring technological solutions" for smartphones has resulted in a precipitous drop in such robberies. Those measures primarily include a remote kill switch after a phone has been stolen that would allow a phone to be disabled, withstanding even a hard reset. Such a kill switch has become standard in all iPhones ("Activation Lock") and Android phones ("Device Protection") since 2015... When measured from the peak in 2013, "overall robberies involving smartphones have declined an astonishing 50 percent... Because of this hard-fought legislation, stealing a smartphone is no longer worth the trouble, and that means the devices we use every day no longer make us targets for violent crime."
Bitcoin

US Indicts Suspected Russian 'Mastermind' of $4 Billion Bitcoin Laundering Scheme (reuters.com) 99

schwit1 shares a report from Reuters: A U.S. jury indicted a Russian man on Wednesday as the operator of a digital currency exchange he allegedly used to launder more than $4 billion for people involved in crimes ranging from computer hacking to drug trafficking. Alexander Vinnik was arrested in a small beachside village in northern Greece on Tuesday, according to local authorities, following an investigation led by the U.S. Justice Department along with several other federal agencies and task forces. U.S. officials described Vinnik in a Justice Department statement as the operator of BTC-e, an exchange used to trade the digital currency bitcoin since 2011. They alleged Vinnik and his firm "received" more than $4 billion in bitcoin and did substantial business in the United States without following appropriate protocols to protect against money laundering and other crimes. U.S. authorities also linked him to the failure of Mt. Gox, a Japan-based bitcoin exchange that collapsed in 2014 after being hacked. Vinnik "obtained" funds from the hack of Mt. Gox and laundered them through BTC-e and Tradehill, another San Francisco-based exchange he owned, they said in the statement.

Slashdot Top Deals