Skip to content

Archive for


Uber remotely locked PCs in foreign offices to thwart investigators

We all know by now that Uber has some shady practices when it comes to law enforcement. Today, Bloomberg reported that the ride-hailing startup has a program called Ripley, which is designed to thwart local police and government investigators that raid Uber’s local offices. When officials show up at Uber’s offices, company managers were instructed to call a number that pinged Uber headquarters. Employees in San Francisco would then log onto the foreign office’s machines remotely and sign out of computers and devices, change passwords and even lock up data in order to ensure that investigators couldn’t find what they were looking for.

Uber has used Ripley multiple times in various countries, such as Belgium, Amsterdam and France. The last time it was used is unclear, but insiders told Bloomberg the protocol was definitely utilized in late 2016. While managers were reportedly informed about Ripley, regular employees at foreign offices were not.

The idea for Ripley came about after a raid on Uber’s Brussels office in early 2015. There were accusations that the service had been operating without proper licenses, and the courts were able to shut the company down based on what the police found in Uber’s offices. Salle Yoo, who was Uber’s general counsel at the time (and has since left the company), asked her staff to prepare measures to counter these kinds of raids. The IT department began working on the early stages of Ripley; the company’s security team took the program over in 2016.

Uber has the right to protect its trade secrets and ensure that secret company information isn’t handed over to just anyone. And people who spoke to Bloomberg made clear that, in some cases, local law enforcement didn’t have proper paperwork or were operating under overly broad warrants. In that case, the use of a program like Ripley is justified.

However, the fact is that Uber has flouted local authority again and again in an incredibly shady way, refusing to comply with local regulations and using tools like Greyball to tag known investigators and serve a fake version of the app to thwart possible sting operations. It’s not surprising that Ripley exists, knowing that, but the scope and intent of the program is eyebrow raising — at least, as eyebrow raising as anything can be anymore when it comes to Uber.

Source: Bloomberg


US Senate and Navy computers tied to revenge porn site

The Daily Beast reports today that a number of users of revenge porn site Anon-IB appear to be connecting from government computers. Einar Otto Stangvik, a security analyst with Norway’s VG newspaper, was able to pull IP addresses from the website and they showed that a number of Anon-IB commenters and posters were logging on through IP addresses belonging to the US Navy, the US Senate, the Department of Energy and the Executive Office of the President.

Some of the messages originating from Senate IP addresses asked for nude photos, or “wins,” of specific women while others included so-called “Xray” posts — photos edited so the women in them appear to be nude or dressed in more revealing clothing. A post linked to the Executive Office of the President shared an image of a naked woman and claimed to have more that would be shared once others posted photos. Users connected to Navy IP addresses asked for photos of specific women — including servicewomen — and shared nude photos while teasing more.

The Daily Beast notes that having the IP addresses of Anon-IB users doesn’t allow specific people to be linked to the site. And it’s also possible that hackers could be routing traffic through the government computers. A Navy official told The Daily Beast, “The Navy holds all our employees — military and civilian — to the highest standards of personal conduct, expecting everyone to treat each other with dignity and respect. Those who conduct themselves contrary to our core values of honor, courage and commitment will be held accountable.”

Fighting revenge porn has proved to be tough and the anonymity of sites like Anon-IB doesn’t help. Twitter, Microsoft, Google and Pornhub have issued new rules or made reporting revenge porn easier in recent years while Facebook, which has struggled to fix its major revenge porn problem, released a prevention tool last year that requires users to upload their own nude photos — a feature that was, naturally, met with skepticism.

Some governments have stepped in to tackle the problem as well. Australia created a national reporting tool last year and California launched a similar, but more limited, hub in 2015. A German court ruled in 2014 that subjects of nude photos can withdraw their consent, meaning, for example, an ex can’t keep them around once the relationship ends if the person doesn’t want them to. And as of 2015, revenge porn is a specific crime in the UK. The US Senate introduced a bill in November that proposes federal criminal liability for sharing revenge porn. There have also been some notable convictions of revenge porn peddlers with sentences ranging from a ban on sharing photos of others to 18 years in prison.

“Stolen, revenge motivated and otherwise abusive imagery posted online has become a very real issue over the last years,” Stangvik said to The Daily Beast. “I fear that failure to deal with the problem will normalize online abusive behavior and sexual harassment, and that this will further nourish victim blaming and dismissal of the abuse as ‘to be expected.’”

Source: The Daily Beast


A pair of vibrating wearables kept me calm during the stress of CES

I’ll admit I was skeptical at first. Can wearing two vibrating devices really reduce stress? That’s what Touchpoints claims to do, and as I found out this week during a crazy day at CES, the company delivers on that promise. What’s more, I have the brain scans to prove it.

The company was co-founded by neuropsychologist Dr. Amy Serin as part of her effort to help people who suffer from PTSD. During the course of her research, she discovered that wearing a pair of tiny pulsing gadgets can also help gifted children or stressed out adults. In fact, she told me that the product is most popular among women aged 35 to 55, who are typically dealing with the stresses of managing family life and making sure the kids get from A to B with everything they need. Touchpoints can also help with things like night terrors or other sleep-related issues.

The devices are tiny squares about the size of a watch face. There’s a single button for turning them on/off and they’ll automatically pair with your phone — if you have Bluetooth turned on, of course. From there, a companion app will ask you a series of questions to determine your stress level before suggesting a preset. And yes, you can always switch to a new one or dial in the intensity and rhythm settings manually. Touchpoints can be placed on your wrists, in your pocket or anywhere you can feel the vibrations. However, you do have to wear two of them since the soothing effect is creating by a pulsing back and forth. For that reason, I opted for the in-the-pocket method rather than slapping them on my wrists.

As a demonstration of how well Touchpoints work, the company offered brain scans here at CES. The first part of the test includes thinking about something super stressful and allowing a neuroscientist to take some detailed images of your brain activity. After that, I was handed a pair of vibrating Touchpoints, asked to think about the same stressful thing again and more images were taken.

As you can see in the image above, the left is the first scan and the right side is the second. The Beta frequency is associated with stress or overactivity in the brain — as illustrated by the red dots in the first scan. Once I was handed the Touchpoints though, I was never able to stress myself out to the same level as the first time around. Trust me, I tried. What’s more, the pulsing sensation was quite soothing throughout almost a full day of wear. I had to remove them to charge in the early evening, otherwise I would’ve kept them on from morning until evening (more than eight hours). It was a lack of planning on my part, not due to any battery life issues.

Sure, they work well, but there are a couple downsides to wearing Touchpoints. The first is the vibrations are quite loud if you find yourself in a quiet room — similar to the buzzing of a phone. I had to turn them off during an audio demo later in the day after some dirty looks from fellow show attendees. The second, for me, is the price. At $240, they’re not something you’d purchase without some consideration. However, if they work for the masses as well as they work for me — and Touchpoints has plenty of research that says they do — that’s a small price to pay for drastically reducing your stress levels, being able to sleep better at night or getting helping with a range of neurological issues you might be facing.

Click here to catch up on the latest news from CES 2018.


Apple Health app data used as evidence in rape investigation

Law enforcement might have difficulty accessing iPhones, but it can obtain a wealth of information when it does get in. German investigators have used data from iOS’ built-in Health app as evidence in the investigation of a rape and murder case. Police cracked the suspect’s phone with the help of an unnamed Munich company and discovered Health data that corresponded with his reported activity the day of the crimes, which included dragging the victim down a river embankment and climbing back up. The suspect’s Health app appeared to have registered this last action as two instances of stair climbing, and an officer obtained similar results when replicating the accused’s movements.

The Health info (which also included his overall activity levels) was only part of the information investigators collected. They only had incomplete public surveillance video and geodata, but they noticed that his phone contacted a cell tower near the crime scene at a time consistent with video footage, and that there was an unusually long period of inactivity before it had to contact a new cell site. The victim’s Nokia phone also sent its last location data shortly after the crime is believed to have taken place.

This isn’t the first time fitness data has been used in court, but iOS Health app use is rare for a good reason: it’s encrypted both the moment you lock your phone and when it’s saved to iCloud. Police can only realistically obtain it by unlocking the device generating the data. Moreover, it can only say so much about a suspect’s behavior when it doesn’t include location info. However, this is a reminder of the potential privacy issues surrounding activity info. While it may prove important to convictions in cases like this, there are concerns it could be abused without adequate privacy protections (which doesn’t appear to be the case here) or if it falls into the wrong hands.

Via: Motherboard

Source: Welt (translated)


House votes to extend NSA’s warrantless surveillance capabilities

Today, the US House of Representatives voted to renew the law that allows the National Security Agency to surveil communications between American companies and foreigners located outside of the country without a warrant. It’s Section 702 of the FISA Amendments Act, and the House extended its provision for six years. It still go through the Senate, but according to The New York Times, there are fewer advocates of major overhaul to current spying laws in that chamber, so it will likely pass without too much difficulty.

The House also rejected an amendment to the bill that would have included extra protections, including requiring investigators to obtain warrants before looking at personal communications of American citizens that get caught up in the provisions of FISA. There was also a proposal for a less dramatic overhaul of spying law that was developed by the House Judiciary Committee, but it was blocked by House Speaker Ryan.

It’s a victory for the Trump administration, though the president appears to not have realized what his side of the bill his party was on when he tweeted his opposition to it. A few hours later, he changed his mind and tweeted in support the bill.

With that being said, I have personally directed the fix to the unmasking process since taking office and today’s vote is about foreign surveillance of foreign bad guys on foreign land. We need it! Get smart!

— Donald J. Trump (@realDonaldTrump) January 11, 2018

The movement to change these spy laws, and provide stronger protections for American citizens, had bipartisan support and had been in the works for years. It seems that lawmakers have some time to regroup and try again in another six years.

Source: New York Times


Stephanie McMahon is bringing the WWE to new audiences

Stephanie McMahon was born into the WWE franchise and she’s built a successful career inside and outside of the ring. Today, her job involves spreading the word about professional wrestling and bringing WWE to as many people as possible, wherever and whenever they want to catch a match. This means interacting with fans on social media and putting WWE on new platforms, like Facebook Live and VR.

For CES, WWE revealed a new channel on NextVR, the platform that hosts official NBA, NFL and boxing content. On the Engadget stage, McMahon dove into WWE’s vision for VR (and beyond), and she told a few heartwarming stories: One about how a Twitter hashtag helped nudge WWE toward gender equality in the ring, and another about famed wrestler Andre the Giant.

Click here to catch up on the latest news from CES 2018.


‘Dark Souls’ and ‘Mario Tennis’ join Switch’s 2018 lineup

Nintendo revealed another slew of titles that will come to the Switch, from old favorites and cult classics to, uh, Dark Souls. In today’s Nintendo Direct video, the company announced new Kirby and Mario Tennis games headed to the console, plus a couple indie games and re-releases. There’s also DLC coming for some of the console’s best games, including Super Mario Odyssey, Pokkén Tournament DX and Mario + Rabbids.

Dark Souls: Remastered, out on May 25th, joins Skyrim and Doom as prominent third-party games getting new life on Nintendo’s console. The 2013 game Payday 2 is also coming to the Switch on February 27th, complete with online cooperative gameplay. On the indie side, the EA Originals game Fe is coming to Nintendo’s console on February 16th, while tower platformer Celeste is out on January 25th.

Players looking for more relaxed gameplay can try out the Dragon Quest Builders demo, live on the Nintendo eShop today. The Switch is also getting a port of the action RPG Ys VIII: Lacrimosa of Dana this summer, which came out on the PlayStation Vita in 2016. Fighting game fans won’t get new full games, but they will get the odd SNK Heroines Tag Team Frenzy this summer and revived 16-bit ACA NEOGEO Art of Fighting today on the Nintendo eShop.

On the first-party side, Nintendo announced Kirby Star Allies will arrive for the Switch on March 16th, while the new title Mario Tennis Aces is slated for release sometime in the Spring. A definitive version of the Dynasty Warriors-like horde brawler Hyrule Warriors, which includes all the content from the old Wii U and 3DS versions of the game plus character skins from Breath of the Wild, will come to the console sometime in Spring 2018. The Wii U’s underrated Donkey Kong Country: Tropical Freeze is getting ported to the Switch, out on May 4th. And out of nowhere, Square Enix’s Nintendo DS cult hit (released a solid decade ago) The World Ends With You is getting re-released on the Switch and will be available at some point in 2018.

On the DLC front, the free Super Mario Odyssey content addition is titled Luigi’s Balloon World and comes out next month. Unfortunately, it’s only a minigame with leaderboards, but Nintendo knows their audience: “It’s like a new form of objective-based speedrunning!” as the announcer described it in the Direct video. The paid Battle Pack DLC for Pokkén Tournament DX will be split in half, the first arriving on January 31st and the second on March 23rd, with each introducing a new battle Pokémon (Aegislash and Blastoise, respectively) and supports. New DLC for Mario + Rabbids includes new story content starring Donkey Kong as a playable fighter this Spring.

Phew! Sadly, no Metroid, Super Smash Bros or Animal Crossing news, but that’s still a hefty amount of new and old content in the next few months to tide us over until Spring announcements.

Source: Nintendo Direct 1.11.2018 (YouTube)


ZTE shares its plans to keep experimenting with mobile phones

ZTE has had an interesting 2017. The crowd-sourced eye-sensing phone it was planning didn’t happen, because of criticism about its proposed specs. Then, the company released a dual-screen foldable phone via AT&T, which drew plenty of curiosity. ZTE continues to make what it calls “affordable premium” phones — the large, sub-$200 phones you’ll find at low-cost carriers like Boost — and says it remains dedicated to creating a line of foldable phones. Check out what vice president of marketing Jeff Yee had to say about the year ZTE has had and the year ahead.

Click here to catch up on the latest news from CES 2018.


FBI Forensic Examiner Stephen Flatley Calls Apple ‘Jerks’ and ‘Evil Geniuses’ for Encrypting iPhones

Senior FBI forensic examiner Stephen R. Flatley spoke at the International Conference on Cyber Security yesterday, and during the talk he discussed Apple and the FBI’s differing opinions on the topic of smartphone encryption. According to Motherboard, Flatley described the company as “jerks” and “evil geniuses” for creating iOS device encryption that is so powerful as to prevent Apple itself from entering users’ iPhones.

Flatley said that recent updates to Apple device encryption have made password guesses slower, by increasing hash iterations from 10 thousand to 10 million, “making his and his colleagues’ investigative work harder.” This extended brute force crack time from a few days to two months, leading to Flatley stating that Apple is “pretty good at evil genius stuff.” No detailed context was given regarding his “jerks” comment.

Image of Stephen Flatley taken by Lorenzo Franceschi-Bicchierai via Motherboard

That means, he explained, that “password attempts speed went from 45 passwords a second to one every 18 seconds,” referring to the difficulty of cracking a password using a “brute force” method in which every possible permutation is tried. There are tools that can input thousands of passwords in a very short period of time—if the attempts per minute are limited, it becomes much harder and slower to crack.

“Your crack time just went from two days to two months,” Flatley said. “At what point is it just trying to one up things and at what point is it to thwart law enforcement?” he added. “Apple is pretty good at evil genius stuff.”

Flatley’s comments come nearly two years after the Apple-FBI dispute began, when a federal judge ordered Apple to help the FBI enter the iPhone owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino. The FBI said it wanted Apple’s help to enter just Farook’s iPhone 5c, but Apple explained that the software it was asked to create could become a “master key” and be able to get information from any iPhone or iPad.

For this reason, Apple denied the request and CEO Tim Cook penned an open letter describing the potential for setting a “dangerous precedent” if the company did go along with the order. The battle eventually ended a few months later after the government discovered an alternative way of entering Farook’s iPhone 5c, reportedly with the help of Israeli firm Cellebrite.

Flately mentioned Cellebrite as well during the security conference, describing the firm as “another evil genius” that counters Apple’s encryption and can help the FBI when it needs to enter a smartphone. The forensic examiner was described as not clearly stating Cellebrite’s name, but “facetiously coughing” at the same time to somewhat obscure the comment.

Although the Apple-FBI dispute has ended, debates over smartphone encryption have remained ongoing the past few years. In October 2017, a report came out stating that the FBI was unable to retrieve data from 6,900 mobile devices it had attempted to gain access to over the previous 11 months. That number accounted for half of the total devices the FBI tried to get into, and FBI Director Christopher Wray described the FBI’s inability to retrieve information from these devices as a “huge, huge problem.”

At the end of the case in 2016, Apple issued a statement explaining that the company will continue to assist the FBI when it can, but not at the expense of the data protection, security, and privacy of its customers: “Apple believes deeply that people in the United States and around the world deserve data protection, security, and privacy. Sacrificing one for the other only puts people and countries at greater risk.”

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: FBI, Encryption, Apple-FBI
Discuss this article in our forums

MacRumors-All?d=6W8y8wAjSf4 MacRumors-All?d=qj6IDK7rITs


CES 2018: Scosche Announces New ‘MagicMount Pro’ Qi Wireless Charging Accessories

Scosche today announced new Qi-compatible MagicMount Pro wireless charging accessories that are compatible with the iPhone X, iPhone 8, and iPhone 8 Plus.

All of the accessories in the new MagicMount Pro CHARGE line feature the Scosche’s MagicMount magnetic mounting functionality, with a 360-degree adjustable cradle that allows them to be mounted in the most convenient position. The MagicMount is designed to mount in cars, on nightstands, on desks, on countertops, and more.

Scosche says the MagicMount Pro products feature 5W or 10W Adaptive Fast Charging for “the quickest charge possible” for all Qi-enabled smartphones. Apple’s iPhones use 7.5W charging, however, and compatibility with the faster 7.5W iPhone charging specification is not explicitly mentioned.

There are several vehicle-compatible products in the MagicMount Pro CHARGE family:

  • MagicMount Pro CHARGE Window/Dash – Designed to stick to a vehicle’s window or dash using a suction base.
  • MagicMount Pro CHARGE Vent – Attaches to the vent in any vehicle and can also be detached to be used as a kickstand to watch videos.
  • MagicMount Pro CHARGE CD – Mounts in a vehicle’s CD slot.
  • MagicMount Pro CHARGE Surface – Attaches to a vehicle’s console using a StickGrip mat.

Each MagicMount Pro product includes an AC wall adapter, a micro-USB charging cord, and two MagicPLATEs with 3M adhesive.

Scosche is also introducing a new Qi Dock Powerbank that’s able to charge a Qi-compatible smartphone and a powerbank, which can then be used on-the-go to charge mobile devices.

In its standalone MagicMount series designed for mobile devices like the iPhone, Scosche is debuting new MagicMount ELITE products that combine it’s well-known magnetic mounting functionality with a more attractive metal alloy finish. As with the Qi accessories, the ELITE series features several products to meet a range of needs.

Scosche’s Qi-based products and its new Magic Mount ELITE line will all be launching in the spring of 2018. More information on the upcoming accessories can be found on Scosche’s website.

Tag: CES 2018
Discuss this article in our forums

MacRumors-All?d=6W8y8wAjSf4 MacRumors-All?d=qj6IDK7rITs

%d bloggers like this: