This technique looks interesting, but from what I gather it only works with incandescent light bulbs.

https://arstechnica.com/information...p-by-watching-a-light-bulbs-variations/?amp=1

The researchers found that the tiny vibrations of the light bulb in response to sound—movements that they measured at as little as a few hundred microns—registered as measurable changes in the light their sensor picked up through each telescope.

 

This technique looks interesting, but from what I gather it only works with incandescent light bulbs.

https://arstechnica.com/information...p-by-watching-a-light-bulbs-variations/?amp=1

"The researchers' technique still represents a significant and potentially practical new form of what he calls a "side channel" attack—one that takes advantage of unintended leakage of information to steal secrets"
Kids today... Does anyone really believe various agencies had no idea about background signal modulation detection?

 

Does anyone really believe various agencies had no idea about background signal modulation detection?

No. It’s been well known for years that observing the deflection on an office window can yield good quality sound information. Even from a nearby office building or even further.

 

No. It’s been well known for years that observing the deflection on an office window can yield good quality sound information. Even from a nearby office building or even further.

The evil guys in the van would never do that.

 

https://www.jsof-tech.com/ripple20/

The JSOF research lab has discovered a series of zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. The 19 vulnerabilities, given the name Ripple20, affect hundreds of millions of devices (or more), and include multiple remote code execution vulnerabilities. The risks inherent in this situation are high. Just a few examples: data could be stolen off of a printer, an infusion pump behavior changed, or industrial control devices could be made to malfunction. An attacker could hide malicious code within embedded devices for years. One of the vulnerabilities could enable entry from outside into the network boundaries; and this is only a small taste of the potential risks.

 

https://www.jsof-tech.com/ripple20/

A custom BSD TCP/IP stack? Hmmm...can't see the code. (But, it's "open source"!)

Someday, the world will learn...

 

Someday, the world will learn...

And, pray tell, what possible evidence do you have that leads you to draw that rosy conclusion?

 

Lost for the criminals here.

https://www.inquirer.com/news/phill...isabeth-blumenthal-george-floyd-20200617.html

As demonstrators shouted, fires burned outside City Hall, and Philadelphia convulsed with outrage over the death of George Floyd, television news helicopters captured footage of a masked woman with a peace sign tattoo and wearing a light blue T-shirt setting a police SUV ablaze.
More than two weeks after that climactic May 30 moment, federal authorities say they’ve identified the arsonist as 33-year-old Philadelphia massage therapist Lore Elisabeth Blumenthal by following the intricate trail of bread crumbs she left through her social media history and online shopping patterns over the years.

...

 

Lost for the criminals here.

https://www.inquirer.com/news/phill...isabeth-blumenthal-george-floyd-20200617.html


...

It doesn't appear that they have any problem with using those same techniques to identify and charge police officers that commit crimes.

It sure seems like the advice they are giving to people are only applicable to those that are going to do things like torch police cars, since I haven't seen any indication that any effort is being made to identify, let alone harass, anyone for anything that is not blatantly illegal.

 

They don't catch the smart ones.
https://www.9news.com/article/news/...orado/73-6b1b969f-56a9-4b44-a2ac-e3e0ac1fcce4

BRECKENRIDGE, Colo. — Videos posted on Snapchat by the suspect of himself setting fire to a police station in Minneapolis Minnesota are ultimately what helped investigators track him down and arrest him in Colorado over the weekend, according to a criminal complaint released Tuesday afternoon.
Dylan Robinson, 22, is accused of throwing a Molotov cocktail into the third precinct police station and setting a fire near a stairwell in Minneapolis during violent riots on the evening of May 28 that erupted after the death of George Floyd.

Law enforcement members also found a Snapchat account believed to belong to Robinson in which a live video was posted at 9:23 p.m. on May 28. In that video, several people are seen making Molotov cocktails. In parts of the video, Robinson turns the camera around to show himself, according to the complaint.

 

@crutschow, given your recent experience, I believe you may find this article interesting.

https://www.nbcnews.com/tech/securi...re-was-probably-planted-nation-state-n1231975

The malicious code was extremely sophisticated, Hussey said. It had what he called a triple layer of persistence. It installed itself at two different locations on the network, and if one was deleted, the other one automatically kicked in.

 

https://martinralbrecht.files.wordpress.com/2020/08/bridgefy-abridged.pdf

Mesh messaging applications allow users in relative proximity to communicate without the Internet. The most viable offering in this space, Bridgefy, has recently seen increased uptake in areas experiencing large-scale protests (Hong Kong, India, Iran, US, Zimbabwe, Belarus, Thailand), suggesting its use in these protests. It is also being promoted as a communication tool for use in such situations by its developers and others. In this work, we perform a security analysis of Bridgefy. Our results show that Bridgefy permits its users to be tracked, offers no authenticity, no effective confidentiality protections and lacks resilience against adversarially crafted messages. We verify these vulnerabilities by demonstrating a series of practical attacks on Bridgefy. Thus, if protesters rely on Bridgefy, an adversary can produce social graphs about them, read their messages, impersonate anyone to anyone and shut down the entire network with a single maliciously crafted message. As a result, we conclude that participants of protests should avoid relying on Bridgefy until these vulnerabilities are addressed and highlight the resulting gap in the design space for secure messaging applications.

 

The NROL-44 spy satellite had a bit of a problem.

https://www.dw.com/en/modern-spy-satellites-in-an-age-of-space-wars/a-54691887

 

No. It’s been well known for years that observing the deflection on an office window can yield good quality sound information. Even from a nearby office building or even further.

Yeah, so the solution was eliminate windows. The last 25 years of my career were spent in a skunk works with no windows. Even the air ducts going into secure areas were locked down.

Ron

 

I'm not sure this qualifies in the privacy subject, but it definitely freaks me out:

https://www.nbcnews.com/tech/tech-n...ething-written-gpt-3-probably-not-it-n1240384​

GPT-3 is not the first natural language program of its kind, but it has already received widespread attention for how good it is at mimicking simple human writing. But its release into the world, while not entirely public, has caused some concern that it could be used to quickly and cheaply generate misinformation or propaganda. Porr's post, while a harmless experiment, offered a concrete example of that risk.

 

I'm not sure this qualifies in the privacy subject, but it definitely freaks me out:

Compared to the awesome power of the human intellect, it’s obvious that computers are just dense electrochemical machines with intricate wiring. And while one day we might develop smarter (though still soulless) computers that surpass the human intellect in the games mentioned above, it will just end up being some more sophisticated way of doing the same thing. Even if it’s more efficient than our brains at doing complex mathematical operations, it will remain entirely in the dark about what it all means. Mindless processing power alone is not the answer to our existential questions. So, in the end, we don’t need to create another HAL 9000, or Skynet, or some evil global intelligent network of computers that rule the world and try to exterminate humanity as we become obsolete, which is a pretty cool subplot for a future Terminator movie. We don’t need any of that. We’re humans, and we are already intellectually superior to machines. End of story.

NB: the paragraph above was written by GPT-3 after being prompted to expound on the weaknesses of deep learning.

 

Hello,

Is the internet breaking up?
https://www.state.gov/announcing-the-expansion-of-the-clean-network-to-safeguard-americas-assets/

Bertus

 

Hello,

Is the internet breaking up?
https://www.state.gov/announcing-the-expansion-of-the-clean-network-to-safeguard-americas-assets/

Bertus

I'm surprised it took the US this long to apply said measures. This is definitely a positive point for the current administration.

 

Worse than extinction itself:

https://www.bbc.com/future/article/20201014-totalitarian-world-in-chains-artificial-intelligence​

It’s called the “world in chains” scenario, where, like the preceding thought experiment, a global totalitarian government uses a novel technology to lock a majority of the world into perpetual suffering.

 

Worse than extinction itself:

https://www.bbc.com/future/article/20201014-totalitarian-world-in-chains-artificial-intelligence​

Twitter?