
Facial Recognition gets “Hacked” Thanks to Facebook

Facial recognition technology is utilized in many different systems. Biometric software is used in facial recognition tools for security purposes and other applications such as social media marketing. Algorithms use a statistical approach to identify facial features – and facial recognition is increasingly used as a crime-fighting tool. In the future it could be used to monitor employee attendance at work, to enhance security measures at ATMs and to prevent voter fraud. Many privacy advocates see a problem with this technology because it could quickly turn us into a surveillance society.

University of North Carolina researchers have discovered a way to get around facial recognition security. By using a virtual reality (VR) system to develop 3D models of the face, they were able to trick the biometric security measures. They did this with just a handful of photos found on Facebook and were able to fool the systems more than half the time (Newsweek).

Clearly this is a huge security flaw in the technology, which means other types of “verifiable data” would need to be used for authentication in order for facial recognition to be a feasible option. One technique that could be used is the detection of infrared radiation, which would be given off by a real face but not by a 3D model (Techworm).

For more information on how facial recognition technologies work, check out this video from Brit Lab:


A Seized Silk Road Wallet is Moving Bitcoin to the NSA Hackers

Last week, a group called the “Shadow Brokers” claimed to have hacked the NSA – stealing their code, exploits and spy tools. They leaked bits of information on GitHub and claimed the information was stolen from the Equation Group, which most believe is a computer surveillance wing of the NSA. The Shadow Brokers say they will auction off the data to the highest bidder. Leaks from Edward Snowden have demonstrated that this hack is legit (The Register). Security experts believe that the hacker group is Russian.

Now it appears that some Bitcoin is moving from a seized Silk Road wallet to the Shadow Brokers’ auction. This leads some experts to believe that “the US government is potentially bidding to prevent stolen NSA exploits and tools from ending up in the wrong hands”. It could also mean that the government is attempting to trace where the Bitcoins are going. Additionally, it must be noted that the co-founder of a major Bitcoin investigation company says that payments are also going in the other direction. This could simply indicate that spam is being sent in very small payments to famous addresses. (ZDNet)

So far, the Shadow Brokers have collected around $1000 in Bitcoin payments – a far cry from the 1 million Bitcoins they have demanded (which would be worth just over half a billion USD at the time of this writing). The U.S. government seized several thousand Bitcoin when shutting down Silk Road, so this may be their source of funds when dealing with the Shadow Brokers hackers.

Learn more about the Shadow Brokers hack of the NSA here:


NSA Hoards Zero Days; Doesn’t Disclose Them all to Vendors

The NSA does not always disclose the zero-day vulnerabilities it finds to unprotected vendors. Some security flaws are kept secret “when they can be used to serve a clear national security or law enforcement need” (Wired).

The US National Security Agency (NSA) was hacked by a suspected Russian hacker group and many of their exploits and hacking tools were archived. Leaked information was made public that showed the NSA collects exploits and does not always disclose them to vulnerable vendors. When vulnerabilities are not disclosed, problems do not get fixed. The NSA appears to operate “on the premise that secrets will never get out. That no one will ever discover the same bug. That no one will ever use the same bug. That there will never be a leak” (Business Insider).

Unfortunately, as we are currently witnessing with this recent leak, other types of hackers are able to find the same bugs and those hackers could have more malicious intent than the NSA. When hackers obtain a trove of U.S. secrets, that could put the government and corporations worldwide in a susceptible position. For example, the leaked data includes information on breaching popular commercial firewalls. Emergency service providers, governments, financial systems and many businesses all rely on these firewall technologies.

Global networking company Cisco Systems confirmed last week that the NSA exploited an undetected severe vulnerability that allows remote attackers “who have already gained a foothold in a targeted network to gain full control over a firewall” (Ars Technica). The NSA had known about this vulnerability since 2013 and did nothing to stop it. Now that the data is leaked, Cisco fears that the information “could be used to breach its Adaptive Security Appliance (ASA) software used in its firewalls. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system”. It can be argued that these exploits would have been patched had the NSA disclosed the vulnerabilities instead of collecting them for its own use.

(Watch – Snowden discusses NSA hack, Cisco to cut 5,500 jobs, NASA preps an asteroid rocket):


Study Suggests Gamers Have Better Academic Performance

The Royal Melbourne Institute of Technology in Australia conducted a study that tested reading, math and science skills of students who were 15 years of age. One of the factors considered in the study was how much time each student spends playing video games. The results suggested that the students who gamed most days did way better in every category, “scoring 15 points above average in math and reading, and 17 points above average in science.” (Seeker)

One argument can be made that gamers tend to do better in school because smarter kids might be more likely to play games than others (correlation does not equal causation). Additionally, kids that played games every single day without any breaks in between actually did worse on the academic tests.

The idea that gamers are smarter is nothing new. In 2004, SourceFed released a video titled “16 Ways Video Games Make You Smarter” which discusses research that demonstrates video games actually improve cognitive skills:

A similar study last year determined that gamers have more grey matter and better brain connectivity (Science Alert). Gaming can have beneficial effects on your brain such as hand-eye coordination and improved cognitive control. It is worth noting that other tasks that require skill like sports and art will have a similar effect on brain development.


Many Fans Illegally Download Frank Ocean’s #Blond Album

R&B singer and songwriter Frank Ocean released his new album Blond exclusively to Apple Music. This caused fans to flock to torrent and other illegal file sharing sites to download the album. The entire album has also surfaced for free on Google Drive. (Digital Music News)

Because other popular streaming services such as Spotify and Tidal are unable to stream Blonde, those who are not subscribers to Apple’s service have had to find other means of obtaining the album. A quick Google search has also led some listeners to file locker locations containing the album files. Some Reddit threads have links to file hosting sites like Zippyshare to help share the album more widely.

Since Blonde was released exclusively to Apple Music, some have signed up for the service specifically to hear the album:

Others are promoting pirating the album for those who don’t want to pay or sign up for Apple Music:

Having given exclusive rights to Apple Music, the Frank Ocean brand has gone against Kim Dotcom’s suggestions for stopping piracy:

By not making the album easy to buy or obtain, many people feel that piracy is a better option for those who are not subscribers to Apple Music.


Anonymous Hacker Brings Harambe Back to Life on Twitter

On Saturday, the Twitter account of Cincinnati Zoo director Thane Maynard was breached. The hacker changed Maynard’s profile photo to a pic of Harambe.


Harambe was a silverback gorilla who was shot and killed at the Cincinnati Zoo when a 3-year-old boy fell into the gorilla’s enclosure. Many people online had strong opinions about this story, ranging from believing the parents of the child should be held accountable for Harambe’s death to supporting the killing of the gorilla because the child was in danger. Some even believed the child was in no danger and that both lives could have been spared. Anthropologist and UN Messenger of Peace Jane Goodall says that the Harambe story “highlighted the danger of zoo animals in close proximity to humans and the need for better standards of care.” (Wikipedia)

The hacker who took over the Cincinnati Zoo director’s account also tweeted Harambe-sympathizing hashtags such as #JusticeForHarambe and #DsOutForHarambe. The hack continued through Sunday, with the hacker telling the zoo employees to beg for their account back. Twitter user @prom has taken responsibility for the hack and says he doesn’t “worry about legal consequences at all.” (Cincinnati.com)


WATCH VIDEO – Gorilla zoo boy: did Harambe at Cincinnati Zoo deserve to die?:

Photo Credit: Julia Koefender – Flickr Creative Commons


Should Uber Drivers be Fingerprinted in Background Checks?

I’ve heard a LOT of talk recently about Uber and Lyft’s pending exit from the Austin, TX marketplace, and I can’t say that I blame them. On one hand — Government “regulation,” only stifles competition… but on the other, when one realizes that just about -anybody- can become a driver for either of these companies so long as they have a 2005+ model vehicle, the idea of fingerprinting potential drivers (IMO) does not seem too far fetched.

Allow me to explain:

When you go to work for Yellow Cab, for example, you become a licensed, bonded driver. In short, Yellow Cab knows exactly who you are, where you’ve lived, as well as has access to your (criminal) background information (which INCLUDES your Fingerprints). To me it’s a safety issue — as a passenger, I would think that knowing your driver is a rational, sane, functional member of society would be quite settling as it alleviates the “what if’s” associated with climbing into a stranger’s car.

Sadly, responsibility has never actually been part of Uber or Lyft’s business plan. They would much rather you [sic, the driver] assume any and all liability wherein they [sic, the Company] are held in no way responsible for their utter & complete disregard for proper working conditions, accommodations, etc. As far as I’m concerned, their whole entire platform is digital; it’s not like they really require brick & mortar office buildings, etc. in order to conduct their daily routines — it’s not too much to ask for them [sic, the Company] to properly vet the individuals representing them, else they risk hiring the Zodiac Killer.
Austin, TX for the win..

More: Uber, Lyft set to leave Texas city over fingerprinting rule – MSN.com


Gesture Analysis: Could your Movements be Hacked?

Smartphone and tablet developers will need to put better security measures in place to keep hackers and governments out of their devices. Many newer generation devices implement fingerprint readers in place of passcodes, which are often promoted as a stronger security feature. However, as we learned in recent news, authorities can force you to use your fingerprint to unlock your phone (but you can still invoke your 5th amendment right to withhold your numeric passcode from them). Gesture analysis could come next.

Free-form gestures have been said to be the next step in passwords. It is much more difficult to simulate a complex gesture than to guess a numerical combination. Jailbroken iPhones got this feature a while back (called Stride2); you can see how it works here:

In addition to using gestures to set your passwords, your touch-screen device could continuously verify your identity while you’re using it. It would do this by interpreting your gestures with mathematical algorithms. According to Motherboard, “the basic idea is to observe a user’s movements on a touchscreen device for some period of time and to come up with a gestural profile unique to that individual.” Every person makes unique gestures when they use a device and those all add up to make a personal profile. Ideally, if hijackers or authorities have access to your unlocked device, they wouldn’t be able to use it for long. If they did, the device would recognize that the user is not you since the gestures would not fit the profile. Yet as we see from the Motherboard article, robots were able to recreate user biometrics pretty easily.

Phones and tablets could end up having multiple layers of authentication (fingerprint, gesture analysis and codes) but many users would find that to be too much of a hassle. Facial recognition could be another alternative to passwords, but that might not protect you from authorities either. Voice recognition would probably be protected under the 5th amendment, but isn’t a convenient way to work with your phone in quiet places. Research into better security features is at the forefront of developers’ minds right now. Hopefully we will see better solutions in the near future.

Photo Credit: Jhaymesisviphotography


AdBlock Plus Wants you to Pay for what you Read Online

Online publishers often hate ad-blockers like AdBlock Plus. Owners of smaller blog sites complain that they get little to no revenue from the work they produce. You may have also noticed some major news sites like Forbes and Wired have restricted access to their articles unless you turn off your ad-blocker or pay a monthly fee.

There are advantages to ad blockers, however. They keep readers safe from malicious ads that can harm their computers and from tracking URLs that invade privacy. They also preserve the original design of the page and don’t display annoying loud or flashing ads. There are also a large number of sites that don’t filter adult ads, which makes browsing at work or in public very difficult.

Recently, AdBlock Plus announced that they are teaming up with a company called Flattr. Flattr was founded by Peter Sunde, one of the original co-founders of The Pirate Bay. AdBlock Plus and Flattr plan to implement a solution that they feel will make both advertisers and readers happy. The team will release a product called “Flattr Plus” that will allow readers to decide which content they want to pay for.

How will it work? The platform will let users fund the content they wish to see within a set monthly budget. The money spent will be distributed to publishers based on engagement with their material. It is unclear at this point how exactly they plan to track engagement, since many people click on things they don’t mean to, or wish they hadn’t. There are also plenty of instances where readers leave tabs open for long periods of time.

Publishers will have to sign up with Flattr Plus in order to get paid. One problem with this is that Flattr Plus could decide to exclude websites they don’t like or disagree with, which would make it unfair for many users on the Internet.

Would you pay for a service like Flattr Plus in order to eliminate ads from your browsing experience? Some say they will simply switch to another ad-blocking service such as uBlock.

Photo Credit: Francisco Osorio


Can a “Brain Map” Decode Our Inner Thoughts?

There is a lot we don’t know about the human brain, and how it processes language is still a pretty big mystery to us. Currently, researchers at the University of California, Berkeley are building a “semantic atlas” of the brain in order to interpret how it organizes words and language. These studies are “based on a brain imaging study that recorded neural activity while study volunteers listened to stories from ‘The Moth Radio Hour.’” (Laboratory Equipment – National Science Foundation)

At least one third of the brain power that goes on inside of our cerebral cortex is used for processing language. This means language makes up a very large part of our inner thoughts. Researchers have been able to map detailed images of how the brain organizes words by having participants listen to an emotionally-charged radio program. The participants’ brain activity was monitored and measured using MRI. They found that different parts of the brain responded differently when different words were heard. Researchers were then able to categorize word “types” with the areas of the brain they most affected. For example, social words and words related to numbers tend to activate different parts of the brain. These organizational structures seemed to be consistent among the multiple individuals.

Learn how words “light up” parts of the brain when studied in the MRI scan:

While it may seem a bit creepy that equipment could essentially “read” our thoughts, it would be helpful for victims of stroke, brain damage and other patients who have trouble communicating vocally. I hate to think, however, how having the ability to map the cerebral cortex could be misused.

According to DigitalTrends, there were only 7 volunteers that participated in this study. More research and a larger sample study are needed to better understand these findings.

Featured Image Credit: KylaBorg