Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Security

Can Iris-Scanning ID Systems Tell the Difference Between a Live and Dead Eye? (ieee.org) 88

the_newsbeagle writes: Iris scanning is increasingly being used for biometric identification because it's fast, accurate, and relies on a body part that's protected and doesn't change over time. You may have seen such systems at a border crossing recently or at a high-security facility, and the Indian government is currently collecting iris scans from all its 1.2 billion citizens to enroll them in a national ID system. But such scanners can sometimes be spoofed by a high-quality paper printout or an image stuck on a contact lens.

Now, new research has shown that post-mortem eyes can be used for biometric identification for hours or days after death, despite the decay that occurs. This means an eye could theoretically be plucked from someone's head and presented to an iris scanner. The same researcher who conducted that post-mortem study is also looking for solutions, and is working on iris scanners that can detect the "liveness" of an eye. His best method so far relies on the unique way each person's pupil responds to a flash of light, although he notes some problems with this approach.

Biotech

Scientists Find Chemical-Free Way To Extend Milk's Shelf Life For Up To 3 Weeks (digitaltrends.com) 249

An anonymous reader writes from a report via Digital Trends: Researchers at Purdue University and the University of Tennessee have found a non-chemical way to extend regular milk's shelf life to around 2-3 weeks, and without affecting the nutrients or flavor. The technology they've developed involves increasing the temperature of milk by just 10 degrees for less than a second, which is well below the 70-degree Celsius threshold needed for pasteurization. That quick heat blast is still able to eliminate more than 99 percent of the bacteria left from pasteurization. "The developed technology uses low temperature, short time (LTST) in a process that disperses milk in the form of droplets with low heat/pressure variation over a short treatment time in conjunction with pasteurization," Bruce Applegate, Purdue's associate professor in the Department of Food Science, explained to Digital Trends. "The resultant product was subjected to a taste panel and participants had equal or greater preference for the LTST pasteurized milk compared to normally pasteurized milk. The shelf was determined to be a minimum of two weeks longer than the standard shelf life from pasteurization alone." As for whether or not this method will make its way to store shelves, it won't in the near future. "Currently an Ohio-based milk processor is using this technology and distributing the milk," Applegate says. "The unit is approved for processing milk in Ohio and distribution nationwide. The product is currently being distributed, however it has not been labeled as extended shelf life milk. Once the commercial application is validated the milk will be labelled with the extended shelf life." Scientists from Duke University believe there may be a large source of hydrogen gas under the ocean, caused by rocks forming from fast-spreading tectonic plates.
Advertising

Spotify Is Now Selling Your Information To Advertisers (engadget.com) 106

An anonymous reader writes from a report via Engadget: Spotify is now opening its data to targeted advertising. "Everything from your age and gender, to the music genres you like to listen to will be available to various third-party companies," reports Engadget. "Spotify is calling it programmatic ad buying (Warning: source may be paywalled) and has already enabled it." The nearly 70 million people that currently use Spotify's free, ad-supported streaming service across 59 countries will be affected. The ads will be audio-based and stretch between 15-30 seconds in length. The advertisers who buy ad spots will be able to look for specific users by viewing their song picks to find the best matches for the products they're selling. Two weeks ago, China has released its first ever set of digital ad regulations that seems to all but ban ad blocking.
Nintendo

Apple To Make $3 Billion From Pokemon Go (theguardian.com) 78

An anonymous reader writes from a report via The Guardian: We all know what Pokemon Go is, and we all know how successful it is. The Guardian is reporting that Apple will "rake in $3 billion in revenue from Pokemon Go in the next one to two years as gamers buy 'PokeCoins' from its app store, according to analysts." One pack of 100 PokeCoins costs about $1 in Apple's app store, but gamers can purchase as many as 14,500 PokeCoins for about $100. "We believe Apple keeps 30% of Pokemon Go's revenue spent on iOS devices, suggesting upside to earnings," Needham and Co brokerage analyst Laura Martin wrote in a client note on Wednesday. The game, which is also available on Android, had over 21 million active users after only being on the market for less than two weeks. It has also been rolled out in 35 countries since its U.S. debut. "Martin said Pokemon Go's ratio of paid users to total users was 10 times that of Candy Crush, the hit game from King Digital that generated more than $1 billion of revenue in both 2013 and 2014," reports The Guardian. Not only has Apple's stock risen since the launch of Pokemon Go, but Nintendo's stock has more than doubled.
DRM

EFF Is Suing the US Government To Invalidate the DMCA's DRM Provisions (boingboing.net) 92

Cory Doctorow, writes for BoingBoing: The Electronic Frontier Foundation has just filed a lawsuit that challenges the Constitutionality of Section 1201 of the DMCA, the "Digital Rights Management" provision of the law, a notoriously overbroad law that bans activities that bypass or weaken copyright access-control systems, including reconfiguring software-enabled devices (making sure your IoT light-socket will accept third-party lightbulbs; tapping into diagnostic info in your car or tractor to allow an independent party to repair it) and reporting security vulnerabilities in these devices. EFF is representing two clients in its lawsuit: Andrew "bunnie" Huang, a legendary hardware hacker whose NeTV product lets users put overlays on DRM-restricted digital video signals; and Matthew Green, a heavyweight security researcher at Johns Hopkins who has an NSF grant to investigate medical record systems and whose research plans encompass the security of industrial firewalls and finance-industry "black boxes" used to manage the cryptographic security of billions of financial transactions every day. Both clients reflect the deep constitutional flaws in the DMCA, and both have standing to sue the US government to challenge DMCA 1201 because of its serious criminal provisions (5 years in prison and a $500K fine for a first offense).Doctorow has explained aspects of this for The Guardian today. You should also check Huang's blog post on this.
Advertising

China Bans Ad Blocking (adexchanger.com) 103

An anonymous reader writes: Two weeks ago, China released its first ever set of digital ad regulations that impacted Chinese market leaders like Baidu and Alibaba. "But hidden among (the new regulations) is language that would seem to all but ban ad blocking," wrote Adblock Plus (ABP) operations manager Ben Williams in a blog post Wednesday. The new regulations prohibit "the use of network access, network devices, applications, and the disruption of normal advertising data, tampering with or blocking others doing advertising business (or) unauthorized loading the ad." There is also a clause included that addresses tech companies that "intercept, filter, cover, fast-forward and [impose] other restrictions" on online ad campaigns. ABP general counsel Kai Recke said in an email to AdExchanger that the Chinese State Administration for Industry and Commerce (SAIC) has much more control over the market than its otherwise equal U.S. counterpart, the Federal Communications Commission (FCC). "After all it looks like the Chinese government tries to get advertising more under their control and that includes that they want to be the only ones to be allowed to remove or alter ads," said Recke. "Ad-block users are a distinct audience and they require a distinct strategy and ways to engage them," said ABP CEO Till Faida at AdExchanger's Clean Ads I/O earlier this year. "They have different standards they've expressed for accessing them, and advertising has to reflect that."
Facebook

Facebook Messenger Hits 1B Monthly Active Users, Accounts For 10 Percent Of All VoIP Calls (techcrunch.com) 55

Speaking of instant messaging and VoIP call apps, Facebook announced on Wednesday that Facebook Messenger has hit the 1 billion monthly active users milestone. The company adds that Messenger is just more than a text messenger -- in addition to the ambitious bot gamble, a digital assistant, and the ability to send money to friends -- Messenger now accounts for 10 percent of all VoIP calls made globally. Messenger's tremendous growth also underscores Facebook's mammoth capture of the world. The social network is used by more than 1.6 billion people actively every month. WhatsApp, the chat client it owns, is also used by more than one billion people.

TechCrunch has a brilliant story on the growth of Messenger from the scratch.
Government

Library of Congress Hit With a Denial-Of-Service Attack (fedscoop.com) 22

An anonymous reader writes: The Library of Congress (LOC) announced via Twitter Monday that they were the target of a denial-of-service attack. The attack was detected on July 17 and has caused other websites hosted by the LOC, including the U.S. Copyright Office, to go down. In addition, employees of the Library of Congress were unable to access their work email accounts and to visit internal websites. The outages continue to affect some online properties managed by the library. "In June 2015, the Government Accountability Office, or GAO, published a limited distribution report -- undisclosed publicly though it was sourced in a 2015 GAO testimony to the Committee on House Administration -- highlighting digital security deficiencies apparent at the Library of Congress, including poor software patch management and firewall protections," reports FedScoop.
Google

Google Is Spending Half a Billion Dollars To Curry Europe's Favor (cnet.com) 72

An anonymous reader writes: Google has ratchet up its investment in European goodwill, aiming to spend about $450 million from 2015 to 2017 as EU regulators narrow their gaze on the search giant, according to a report by the New York Times. The company is pouring money into wide-ranging sponsorships, like an exhibition at a Belgian museum incorporating virtual reality, a fund to help European news publishers amp up their web savvy, a digital training course for Irish teachers, and YouTube-backed concerts, according to the report.
Television

Star Trek CBS Series To Be Streamed Internationally On Netflix (variety.com) 161

An anonymous reader writes: Netflix has announced that it has secured a deal to stream every episode of the new Star Trek TV series within 24 hours of its original network broadcast. However, neither the U.S. nor Canadian subscribers are included in the deal, which otherwise covers every territory that Netflix operates in worldwide. Stateside viewers will be able to stream the new show via CBS's own All Access digital subscription video-on-demand and live streaming service, with Canadian streaming provisions yet to be announced. The deal represents a potential major step forward in the company's determination to bypass regional licensing, and at one stroke eliminates the typical years of delay that occur when a U.S. program seeks foreign audiences.
Earth

Do You Have A Living Doppelgänger? (bbc.com) 142

HughPickens.com writes: Folk wisdom has it that everyone has a doppelganger; somewhere out there there's a perfect duplicate of you, with your mother's eyes, your father's nose and that annoying mole you've always meant to have removed. Now BBC reports that last year Teghan Lucas set out to test the hypothesis that everyone has a living double. Armed with a public collection of photographs of U.S. military personnel and the help of colleagues from the University of Adelaide, Lucas painstakingly analyzed the faces of nearly four thousand individuals, measuring the distances between key features such as the eyes and ears. Next she calculated the probability that two peoples' faces would match. What she found was good news for the criminal justice system, but likely to disappoint anyone pining for their long-lost double: the chances of sharing just eight dimensions with someone else are less than one in a trillion. Even with 7.4 billion people on the planet, that's only a one in 135 chance that there's a single pair of doppelgangers. Lucas says this study has provided much-needed evidence that facial anthropometric measurements are as accurate as fingerprints and DNA when it comes to identifying a criminal. "The use of video surveillance systems for security purposes is increasing and as a result, there are more and more instances of criminals leaving their 'faces' at a scene of a crime," says Ms Lucas. "At the same time, criminals are getting smarter and are avoiding leaving DNA or fingerprint traces at a crime scene." But that's not the whole story. The study relied on exact measurements; if your doppelganger's ears are 59mm but yours are 60mm, your likeness wouldn't count. "It depends whether we mean 'lookalike to a human' or 'lookalike to facial recognition software,'" says David Aldous. If fine details aren't important, suddenly the possibility of having a lookalike looks a lot more realistic. It depends on the way faces are stored in the brain: more like a map than an image. To ensure that friends and acquaintances can be recognized in any context, the brain employs an area known as the fusiform gyrus to tie all the pieces together. This holistic 'sum of the parts' perception is thought to make recognizing friends a lot more accurate than it would be if their features were assessed in isolation. Using this type of analysis, and judging by the number of celebrity look-alikes out there, unless you have particularly rare features, you may have literally thousands of doppelgangers. "I think most people have somebody who is a facial lookalike unless they have a truly exceptional and unusual face," says Francois Brunelle has photographed more than 200 pairs of doppelgangers for his I'm Not a Look-Alike project. "I think in the digital age which we are entering, at some point we will know because there will be pictures of almost everyone online.
Earth

Null Island: The Land of Lousy Directional Data (vice.com) 91

An anonymous reader writes: Null Island is one of the world's most visited places for directional data that doesn't exist in real life. The Wall Street Journal reports (Warning: source may be paywalled): "In the world of geographic information systems, the island is an apparition that serves a practical purpose. It lies at 'zero-zero,' a mapper's shorthand for zero degrees latitude and zero degrees longitude. By a programming quirk introduced by developers, those are the default coordinates where Google maps and other digital Global Positioning System applications are directed to send the millions of users who make mistakes in their searches. [About seven years ago, Mr. Kelso, who had heard the phrase used by other cartographers, encoded Null Island as the default destination for mistakes into a widely used public-domain digital-mapping data set called Natural Earth, which has been downloaded several million times. On a whim, he made the location at zero-zero appear as a tiny outcrop one-meter square. In no time at all, other mappers gave the 'island' its own natural geography, created a website, and designed T-shirts and a national flag.]" If you're feeling cognitively lazy, you can watch the short animated YouTube video explaining Null Island.
Businesses

Tor Project Installs New Board of Directors After Jacob Appelbaum Controversy (theverge.com) 105

An anonymous reader writes: The Tor Project announced today that is has elected an entirely new board of directors as part of a larger shake-up after accusations of misconduct by former employee Jacob Appelbaum. Appelbaum left the company in June after the nonprofit organization said it had received multiple accusations against him. The seven board members that are leaving the organization said in a statement today that it is their "duty to ensure that the Tor Project has the best possible leadership." The New York Times reports that the board agreed to step down following the controversy surrounding Appelbaum. Some of the board members who will be leaving include Tor Project co-founders Roger Dingledine and Nick Mathewson, who will continue to work on the organization's technical research and development team, according to the statement. They will be replaced with several prominent cryptographers and scholars, including University of Pennsylvania professor Matt Blaze, Electronic Frontier Foundation Executive Director Cindy Cohn, and security technologist Bruce Schneier. Meanwhile, researchers at MIT have been working on a new anonymity network that they say is more secure than Tor.
Bitcoin

Ex-Google Engineer Launches Blockchain-Based System For Banks (reuters.com) 62

An anonymous reader quotes a report from Reuters: A former Google engineer, whose speech recognition software is used in more than a billion Android smartphones, has launched a company that uses blockchain technology to build a new operating system for banks. Paul Taylor, a Cambridge University academic with an expertise in artificial intelligence, speech synthesis and machine learning, started working on the system, called Vault OS, two years ago in a basement in London's Shoreditch district, known for being a tech start-up hub. The technology, which underpins the digital currency bitcoin, creates a shared database in which participants can trace every transaction ever made. The ledger is tamper-proof and transparent, meaning that transactions can be processed without the need for third-party verification. The system also negates the need for costly in-house data centers, as it uses cloud-based systems, which banks can use on a "pay-as-you-go" basis, which means that there is no single point of failure. Taylor said major high-street banks were spending around a billion pounds ($1.3 billion) a year on computer technology, much of which he said was being used for propping up the current "legacy" systems rather than on any innovative technology. The start-up has been working with about ten banks, Taylor said, at least one of which would be starting a trial using the new system in August. He expects the system to be up-and-running within about a year. In banking-related news, a Congressional report shows that China's spies hacked into computers at the Federal Deposit Insurance Corporation (FDIC) from 2010 until 2013 and American government officials tried to cover it up.
Encryption

FBI Agent: Decrypting Data 'Fundamentally Alters' Evidence (vice.com) 89

Joseph Cox, reporting for Motherboard: An FBI agent has brought up an interesting question about the nature of digital evidence: Does decrypting encrypted data "fundamentally alter" it, therefore contaminating it as forensic evidence? According to a hearing transcript filed last week, FBI Special Agent Daniel Alfin suggested just that. The hearing was related to the agency's investigation into dark web child pornography site Playpen. In February 2015, the FBI briefly assumed control of Playpen and delivered its users a network investigative technique (NIT) -- or a piece of malware -- in an attempt to identify the site's visitors. [...] According to experts called by the defense in the affected case, the fact that the data was unencrypted means there is a chance that sensitive, identifying information of people who had not been convicted of a crime was being sent over the internet, and could have been manipulated. (Alfin paints this scenario as unlikely, saying that an attacker would have to know the IP address the FBI was using, have some sort of physical access to the suspect's computer to learn his MAC address, and other variables.)
Privacy

XDedic, Underground Market For Hacked Servers, Resurfaces On Tor Domain (threatpost.com) 20

Reader msm1267 writes: The defunct xDedic marketplace has resurfaced again, this time on a Tor network domain. The marketplace provides a platform for buying and selling of hacked servers. Its original open web domain, xdedic[,]biz, had disappeared shortly after a June 15 Kaspersky Lab report on its activities. The original market had upwards of 70,000 hacked servers for sale from more than 400 unique sellers. It's unknown how much inventory is being peddled on the new site, which was uncovered by researchers at Digital Shadows, who found a post on a Russian and French criminal forum pointing to a Tor domain as the new home of xDedic. The new site has the same look and feel as the old one, but Digital Shadows said accounts had not been transferred, and that there is now a $50 USD enrollment fee to join the new market.
Technology

Hamilton Producer Jeffrey Seller: Live Theater Is the Antidote To Digital Overload (recode.net) 100

As more people come online and get hold of smartphones, we are witnessing a generation that is reliant on their phones to get news, entertainment, and educational resources among other things. They watch movies and TV shows on Netflix and other services, and they listen to music on Spotify, Apple Music and YouTube. Naturally, you would think that people in the Broadway theater business must be threatened that nobody will physically attend their show anymore, but that's not necessarily the case, at least not with everyone. Take Jeffrey Seller, for example, the producer of Broadway megahit Hamilton refuses to fold to the virtual reality laden world, and he has numbers on his side. From a Recode article (you can also found an hour-long podcast on this there): The success of "Hamilton," which is sold out in New York through May 2017 and will soon spread to Chicago, San Francisco and London, has convinced Seller that demand for a real, non-digital experience is stronger than ever. He said 13 million people went to see Broadway shows in the past season, and only 500,000 of those were "Hamilton" attendees. By contrast, when Seller first made a splash as the co-producer of "Rent" in 1996, he estimated total Broadway attendance was around eight million to nine million people. "Experiencing art live with friends, with family, with people we love, is so rewarding that people are searching it out amidst the digital age, in which our faces are in our phones seemingly every other hour of the day," he said.Explaining why he thinks that virtual reality cannot completely take over, in a rather crass example, Seller adds, "Do you want to have sex or do you want to have a virtual reality experience of sex?"
Censorship

UK Proposes Mandatory Age Verification For Porn Sites (mirror.co.uk) 146

A proposed bill read in the House of Commons, "suggests that by next year websites will require visitors to prove they are of legal age before entering..." reports the Mirror. Britain's prime minister "says none of Britain's top 10 porn sites -- which account for 52% of all views -- have a 'robust' process to verify users' age," citing figures that 10% of the site's viewers are below the age of 18. The Independent adds that "the issue has alarmed privacy campaigners, since it could mean having to register a credit card with a porn website." U.K. lawyer Neil Brown contacted Slashdot with more on the age-verification requirement: Sites which failed to do so could face fines of up to 250,000 pounds or 5% of annual turnover. Their URLs could also be given to ISPs and payment processing providers, to consider voluntary blocking/service suspension, although no mandatory blocking regime is planned currently.
This is the same bill that proposes jail terms up to 10 years for those found guilty of copyright infringement. According to the article, one 2013 study found that 7% of the world's porn was hosted in the UK, with 60% in America and 26% in the Netherlands.
Twitter

Yahoo and Twitter CEOs Have Their Twitter Accounts Compromised 43

The man who sent Twitter's very first public tweet now also becomes the first Twitter CEO to have his own Twitter account compromised. An anonymous reader quotes a report from Digital Trends about this weekend's wave of high-profile attacks: At 2:50 a.m. ET, a tweet reading, "Hey, its OurMine, we are testing your security" and linking to the group's website was briefly posted, and while it was soon deleted, identical tweets continued to appear... The group has previously taken over other social media accounts, including Google's Sundar Pichai's Quora account, and Mark Zuckerberg's Instagram, LinkedIn, Pinterest, and Twitter accounts...

Dorsey also wasn't the only tech heavy hitter whose Twitter account was breached during that 24-hour period. Yahoo CEO Marissa Mayer and venture capitalist Vinod Khosla also saw breaches to their accounts, both of which were attributed to OurMine.

The Tweets may have come from Vine, according to Digital Trends, "which suggests that Dorsey was either using an old or shared password on the video network, or had otherwise connected his account to a compromised service...it's certainly alarming that a man who ostensibly is more aware than most of security protocols (especially on Twitter) fell victim to such an attack..."
Businesses

Nintendo Stock Price Up 9% After Pokemon Go Launch (venturebeat.com) 46

An anonymous reader writes: Following the release of the location-based mobile game Pokemon Go, Nintendo's stock is up 9 percent on the Tokyo Exchange. VentureBeat reports: "The iOS and Android app debuted Wednesday evening in the United States, and it has fans outside walking around looking for digital creatures to catch on a GPS-powered world map. The free download shot to No. 1 on the top-grossing chart in less than a day. With that level of demand, developer Niantic is having trouble keeping its servers up, and players are complaining about outages and connection issues. It comes from The Pokemon Company International, which is a separate entity that Nintendo only owns one-third of in partnership with Pokemon developers Creature Inc. and Game Freak. Having even just a piece of the Pokemon Go party should mean significant revenue for Nintendo, but this also keeps the brand relevant."

Slashdot Top Deals