Categories: Hacking, Technology

NSA Hoards Zero Days; Doesn’t Disclose Them all to Vendors

The NSA does not always disclose the zero day vulnerabilities it finds to unprotected vendors. Some security flaws are kept secret “when they can be used to serve a clear national security or law enforcement need” (Wired).

The US National Security Agency (NSA) was hacked by a suspected Russian hacker group and many of their exploits and hacking tools were archived. Leaked information was made public that showed the NSA collects exploits and does not always disclose them to vulnerable vendors. When vulnerabilities are not disclosed, problems do not get fixed. The NSA appears to operate “on the premise that secrets will never get out. That no one will ever discover the same bug. That no one will ever use the same bug. That there will never be a leak” (Business Insider).

Unfortunately, as we are currently witnessing with this recent leak, other types of hackers are able to find the same bugs and those hackers could have more malicious intent than the NSA. When hackers obtain a trove of U.S. secrets, that could put the government and corporations worldwide in a susceptible position. For example, the leaked data includes information on breaching popular commercial firewalls. Emergency service providers, governments, financial systems and many businesses all rely on these firewall technologies.

Global networking company Cisco Systems confirmed last week that the NSA exploited an undetected severe vulnerability that allows remote attackers “who have already gained a foothold in a targeted network to gain full control over a firewall” (Ars Technica). The NSA had known about this vulnerability since 2013 and did nothing to stop it. Now that the data is leaked, Cisco fears that the information “could be used to breach its Adaptive Security Appliance (ASA) software used in its firewalls. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system”. It can be argued that these exploits would have been patched had the NSA disclosed the vulnerabilities instead of collecting them for its own use.


Categories: Gaming

Study Suggests Gamers Have Better Academic Performance

The Royal Melbourne Institute of Technology in Australia conducted a study that tested reading, math and science skills of students who were 15 years of age. One of the factors considered in the study was how much time each student spends playing video games. The results suggested that the students who gamed most days did way better in every category, “scoring 15 points above average in math and reading, and 17 points above average in science.” (Seeker)

One argument can be made that gamers tend to do better in school because smarter kids might be more likely to play games than others (correlation does not equal causation). Additionally, kids that played games every single day without any breaks in between actually did worse on the academic tests.

The idea that gamers are smarter is nothing new. In 2004, SourceFed released a video titled “16 Ways Video Games Make You Smarter” which discusses research that demonstrates video games actually improve cognitive skills.

A similar study last year determined that gamers have more grey matter and better brain connectivity (Science Alert). Gaming can have beneficial effects on your brain such as hand-eye coordination and improved cognitive control. It is worth noting that other tasks that require skill like sports and art will have a similar effect on brain development.

Categories: Piracy

Many Fans Illegally Download Frank Ocean’s #Blond Album

R&B singer and songwriter Frank Ocean released his new album Blond exclusively to Apple Music. This caused fans to flock to torrent and other illegal file sharing sites to download the album. The entire album has also surfaced for free on Google Drive. (Digital Music News)

Because other popular streaming services such as Spotify and Tidal are unable to stream Blonde, those who are not subscribers to Apple’s service have had to find other means of obtaining the album. A quick Google search has also led some listeners to file locker locations containing the album files. Some Reddit threads have links to file hosting sites like Zippyshare to help share the album more widely.

Since Blonde was released exclusively to Apple Music, some have signed up for the service specifically to hear the album.

Others are promoting pirating the album for those who don’t want to pay or sign up for Apple Music.

Having given exclusive rights to Apple Music, the Frank Ocean brand has gone against Kim Dotcom’s suggestions for stopping piracy.

By not making the album easy to buy or obtain, many people feel that piracy is a better option for those who are not subscribers to Apple Music.

Categories: Hacking, News, Social Media

Anonymous Hacker Brings Harambe Back to Life on Twitter

On Saturday, the Twitter account of Cincinnati Zoo director Thane Maynard was breached. The hacker changed Maynard’s profile photo to a pic of Harambe.


Harambe was a silver-backed gorilla who was shot and killed at the Cincinnati Zoo when a 3-year-old boy fell into the gorilla’s enclosure. Many people online had strong opinions about this story, ranging from believing the parents of the child should be held accountable for Harambe’s death to supporting the killing of the gorilla because the child was in danger. Some even believed the child was in no danger and that both lives could have been spared. Anthropologist and UN Messenger of Peace Jane Goodall says that the Harambe story “highlighted the danger of zoo animals in close proximity to humans and the need for better standards of care.” (Wikipedia)

The hacker who took over the Cincinnati Zoo director’s account also tweeted Harambe-sympathizing hashtags such as #JusticeForHarambe and #DsOutForHarambe. The hack continues on through Sunday, with the hacker telling the zoo employees to beg for their account back. Twitter user @prom has taken responsibility for the hack and says he doesn’t “worry about legal consequences at all.” (Cincinnati.com)


Photo Credit: Julia Koefender – Flickr Creative Commons

Categories: Security, Smart Phones, Technology

Gesture Analysis: Could your Movements be Hacked?

Smart phone and tablet developers will need to put better security measures in place to keep hackers and governments out of their devices. Many newer generation devices implement fingerprint readers in place of passcodes, which are often promoted as a stronger security feature. However, as we learned in recent news, authorities can force you to use your fingerprint to unlock your phone (but you can still invoke your Fifth Amendment right to withhold your numeric passcode from them). Gesture analysis could come next.

Free-form gestures have been said to be the next step in passwords. It is very difficult to simulate a complex gesture as opposed to guessing a numerical combination. Jailbroken iPhones got this feature a while back (called Stride2).

In addition to using gestures to set your passwords, your touch-screen device could continuously verify your identity while you’re using it. It would do this by interpreting your gestures with mathematical algorithms. According to Motherboard, “the basic idea is to observe a user’s movements on a touchscreen device for some period of time and to come up with a gestural profile unique to that individual.” Every person makes unique gestures when they use a device and those all add up to make a personal profile. Ideally, if hijackers or authorities have access to your unlocked device, they wouldn’t be able to use it for long. If they did, the device would recognize that the user is not you since the gestures would not fit the profile. Yet as we see from the Motherboard article, robots were able to recreate user biometrics pretty easily.

Phones and tablets could end up having multiple layers of authentication (fingerprint, gesture analysis and codes) but many users would find that to be too much of a hassle. Facial recognition could be another alternative to passwords, but that might not protect you from authorities either. Voice recognition would probably be protected under the Fifth Amendment, but isn’t a convenient way to work with your phone in quiet places. Research into better security features is at the forefront of developers’ minds right now. Hopefully we will see better solutions in the near future.

Photo Credit: Jhaymesisviphotography

Categories: Internet, News

AdBlock Plus Wants you to Pay for what you Read Online

Online publishers often hate ad-blockers like AdBlock Plus. Owners of smaller blog sites complain that they get little to no revenue from the work they produce. You may have also noticed some major news sites like Forbes and Wired have restricted access to their articles unless you turn off your ad-blocker or pay a monthly fee.

There are advantages to ad blockers, however. They keep readers safe from malicious ads that can harm your computer and from tracking URLs that invade privacy. They also preserve the original design of the page and don’t display annoying loud or flashing ads. There are also a large number of sites that don’t filter adult ads, which makes browsing at work or in public very difficult.

Recently, AdBlock Plus has announced that they are teaming up with a company called Flattr. Flattr was founded by Peter Sunde, one of the original co-founders of The Pirate Bay. AdBlock Plus and Flattr plan to implement a solution that they feel will make both advertisers and readers happy. The team will release a product called “Flattr Plus” that will allow readers to decide which content they want to pay for.

How will it work? The platform will let users fund the content they wish to see within a set monthly budget. The money spent will be distributed to publishers based on engagement with their material. It is unclear at this point how exactly they plan to track engagement, since many people click on things they don’t mean to, or wish they hadn’t. There are also plenty of instances where readers leave tabs open for long periods of time.

Publishers will have to sign up with Flattr Plus in order to get paid. One problem with this is that Flattr Plus could decide to exclude websites they don’t like or disagree with, which would make it unfair for many users on the Internet.

Would you pay for a service like Flattr Plus in order to eliminate ads from your browsing experience? Some say they will simply switch to another ad-blocking service such as uBlock.

Photo Credit: Francisco Osorio

Categories: News, Science

Can a “Brain Map” Decode Our Inner Thoughts?

There is a lot we don’t know about the human brain, and how it processes language is still a pretty big mystery to us. Currently, researchers at the University of California, Berkeley are building a “semantic atlas” of the brain in order to interpret how it organizes words and language. These studies are “based on a brain imaging study that recorded neural activity while study volunteers listened to stories from ‘The Moth Radio Hour.’” (Laboratory Equipment – National Science Foundation)

At least one third of the brain power that goes on inside of our cerebral cortex is used for processing language. This means language makes up a very large part of our inner thoughts. Researchers have been able to map detailed images of how the brain organizes words by having participants listen to an emotionally-charged radio program. The participants’ brain activity was monitored and measured using MRI. They found that different parts of the brain responded differently when different words were heard. Researchers were then able to categorize word “types” with the areas of the brain they most affected. For example, social words and words related to numbers tend to activate different parts of the brain. These organizational structures seemed to be consistent among the multiple individuals.

While it may seem a bit creepy that equipment could essentially “read” our thoughts, it would be helpful for victims of stroke, brain damage and other patients who have trouble communicating vocally. I hate to think, however, how having the ability to map the cerebral cortex could be misused.

According to DigitalTrends, there were only 7 volunteers that participated in this study. More research and a larger sample study are needed to better understand these findings.

Featured Image Credit: KylaBorg

Categories: Gaming, Virtual Reality

Project Sansar: The “Second Life” of VR

See ya later, real life! The creator of Second Life, the socially-focused online world, is looking for 3D content creators to make “social experiences in virtual reality” (Venturebeat).

Linden Lab recently put out an application for users of 3D Studio Max, Unity and other computer graphics programs for “Project Sansar”: an online virtual world that will soon be available for VR headsets. Project Sansar aims to make “it easier than ever before to create, share, and monetize your own social VR experiences”. Applicants who are accepted will receive an invitation later this year. We learned last year in an interview with Tom’s Hardware that the creators will be able to “rent simulators that will let them build any VR experience they see fit.”

Here is an interview from last August where Second Life CEO Ebbe Altberg discusses content creation within Project Sansar:

Do you need experience with coding in order to create content for this new virtual reality platform? The short answer is no. While the application hints that you will need experience in order to be accepted for the testing program, the platform is designed so that anyone can create a VR experience:

“We believe we will democratize the medium of VR, we provide all of the difficult pieces of creating VR in our platform. We are lowering the barrier of entry to content creation.” -Second Life CEO Ebbe Altberg

Like Second Life, the new virtual reality platform will allow creators to buy and sell the items they create. If you’re interested in applying for Project Sansar or getting updates about the program, please visit https://projectsansar.com/creatorpreview.

(Featured Image by Nan Palmero)

Categories: Internet, Social Media

How Should Social Media Sites Respond to Suicidal Posts?

Today, news outlets are reporting on a CDC study that indicates suicide rates in the U.S. are on the rise. What role, if any, should social media sites play in helping to decrease these suicide rates? In this new era where everyone shares every detail of their lives online, we are also seeing an increase of suicide notes and suicidal intentions posted on various social networks.

A couple of days ago on April 20, a high school student took his life after posting a short video on Instagram that began by saying, “Hey, so, I’m killing myself. Goodbye.” According to Nola.com, the young man then said he “could not live happily because ‘my morals are totally different from the world around me.’” Tragically, he used a pistol to take his own life soon after.

Many are questioning whether or not Instagram should have played a role in helping to prevent this suicide, or at least should have taken quicker action removing the video. As pointed out on Nola.com, the video stayed up for around 24 hours, had over 900 comments and over 15,000 views. There is an option for users to flag posts for “self-harm”, so it seems likely that a number of people who saw this post would have reported it. According to their Terms of Service, Instagram does not allow posts that glorify self harm or suicide. Some are left to wonder if this video fell within that category.

There wasn’t a lot of time between when the video was posted and when the student took his life, so it may have been nearly impossible for anyone to intervene, even if Instagram did get involved. But why was the video left up for a full day? One explanation is that Instagram has such a large number of flagged posts to sift through and this one might have escaped automatic filters. The post was eventually taken down, so it does seem that the video had violated TOS in some way.

Another example of someone posting their intention to kill themselves on social media is the case of 27-year-old trans woman Kate von Roeder, who took her own life in 2014. She posted a suicide note to Facebook shortly before it happened. The post is still visible today and it can be seen in the comments that her friends are pleading with her not to do it and to seek help.

Should sites like Facebook, Instagram and Twitter be required to police self-harm-related or suicidal content? Currently they send a message to users who post such content and tell them to seek help. They also will point them to suicide hotline phone numbers. Could social media sites do more than this to help prevent suicides? When suicide notes are posted, should they be allowed to stay up even if the person has ended their life, like in the case with Kate von Roeder? Or do they need to be taken down because they may be triggering or “glorify” suicides and self-harm? If the deceased didn’t want their post to be censored, should we honor that? It’s a new problem that doesn’t have a clear answer at this time.

Categories: News, Social Media

If Facebook Paid you, Would you Post More?

Facebook recently circulated a survey that suggests they might pay users for sharing content on their personal profile. This might remind people of Tsu, a social media company that “shares revenues with its users and those who invited them into tsu”.

Over the past year, Facebook’s users have shared 21% fewer personal updates according to Inc.com, and sharing is down 5.5 percent overall. CNET once showed us how “Facebook Fatigue” is a real thing and this could be a way to get social media users excited about posting on Facebook again.

There is little information on how and when Facebook plans to implement paying users for sharing. It might not even be available to everyone. As Adweek suggests, it might only be for verified accounts. Facebook already pays some creators for sharing videos. One thing Facebook needs to do is to catch up with YouTube on finding and eliminating stolen videos. They have recently announced that they’re about to test a tool “to help stop freebooting”. Facebook should probably take care of this first, before they potentially start paying people for stolen content.

According to Facebook’s survey, some of the ways users could make money are through revenue sharing, donation buttons, advertising, branded content and a “tip jar”.

Will more thought be put into Facebook content if users are paid for what they share? Or will people be scrambling to post any stupid thing they think might go viral?