https://www.msn.com/en-us/news/crime/ar-BB1lkZoq
A thief stole his identity, but nobody believed him. He spent nearly 2 years locked up

But, after 1988, there was no record of Keirans ever using his own name, date of birth or Social Security number, according to his plea agreement.

Instead, Keirans obtained employment, insurance, a Social Security number, driver's licenses, titles, loans and credit using Woods' identity. He even paid taxes under his former coworker's name.

In December 1990, Keirans got a Colorado ID card as Woods. Then he got a job at a fast food restaurant and opened a new bank account, all using the stolen identity.

The following September, Keirans, posing as Woods, bought a car for $600 using checks that later bounced, according to the agreement. As a result, an arrest warrant was issued for Woods.


Keirans' fiction extended to his personal life. He married in 1994. The couple had a child in Oregon who bore Woods' last name. To keep his charade going, Keirans in 2012 obtained Woods' certified birth certificate from Kentucky, using information from Ancestry.com, according to prosecutors.

I'm glad the FBI has my prints on file.

What a monster.
He was trying to get his victim locked up in a psych hospital for life.
Welcome back to being Matthew David Keirans, convict.

 

https://www.theguardian.com/busines...facial-recognition-tools-in-england-and-wales
Shoplifting crackdown to include £55m for facial recognition tools in England and Wales

Silkie Carlo, director of civil liberties at campaign group Big Brother Watch, said the government’s investment in facial recognition technology was “an abysmal waste of public money”.

“This Orwellian tech has no place in Britain,” she said, adding: “Criminals should be brought to justice, but papering over the cracks of broken policing with Orwellian tech is not the solution. It is completely absurd to inflict mass surveillance on the general public under the premise of fighting theft while police are failing to even turn up to 40% of violent shoplifting incidents or to properly investigate many more serious crimes.”

 

InSpectre Gadget
https://download.vusec.net/papers/inspectre_sec24.pdf
https://www.vusec.net/projects/native-bhi/

https://kb.cert.org/vuls/id/155143
Linux kernel on Intel systems is susceptible to Spectre v2 attacks

A new cross-privilege Spectre v2 vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered. CPU hardware utilizing speculative execution that are vulnerable to Spectre v2 branch history injection (BHI) are likely affected. An unauthenticated attacker can exploit this vulnerability to leak privileged memory from the CPU by speculatively jumping to a chosen gadget. Current research shows that existing mitigation techniques of disabling privileged eBPF and enabling (Fine)IBT are insufficient in stopping BHI exploitation against the kernel/hypervisor.

 

InSpectre Gadget
https://download.vusec.net/papers/inspectre_sec24.pdf
https://www.vusec.net/projects/native-bhi/

https://kb.cert.org/vuls/id/155143
Linux kernel on Intel systems is susceptible to Spectre v2 attacks

Spector and Meltdown. The two gifts that just won't stop giving.

 

https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak/
Crickets from Chirp Systems in Smart Lock Key Leak

Matt Brown, the researcher CISA credits with reporting the flaw, is a senior systems development engineer at Amazon Web Services. Brown said he discovered the weakness and reported it to Chirp in March 2021, after the company that manages his apartment building started using Chirp smart locks and told everyone to install Chirp’s app to get in and out of their apartments.

“I use Android, which has a pretty simple workflow for downloading and decompiling the APK apps,” Brown told KrebsOnSecurity. “Given that I am pretty picky about what I trust on my devices, I downloaded Chirp and after decompiling, found that they were storing passwords and private key strings in a file.”

Using those hard-coded credentials, Brown found an attacker could then connect to an application programming interface (API) that Chirp uses which is managed by smart lock vendor August.com, and use that to enumerate and remotely lock or unlock any door in any building that uses the technology.

 

https://www.theregister.com/2024/04/19/cybercriminals_threaten_to_leak_all/

No bank wants to be associated with a known money launderer, after all.

That's what I was thinking.

 

https://www.zdnet.com/article/linus...lopers-hardware-errors-and-hilarious-ai-hype/
Linus Torvalds takes on evil developers, hardware errors and 'hilarious' AI hype

This led to a conversation about the ongoing problem with hardware errors, which can lead to security issues. It's frustrating, said Torvalds, "because we can often react quite quickly in software, but then the hardware people are saying, 'Oh, we have five generations of hardware that we can't fix after the fact, and it will take another couple of years before the actual new hardware [arrives] that can help you work around the problem.'"

With the rise of open hardware such as RISC-V, you might think that wouldn't be a problem for new generations of hardware. Not so, said Torvalds.

"My fear," confessed Torvalds, "Is that RISC-V will make all the same mistakes that everybody else did before them." Why? Well, first, "hardware people are different from software people. There's a fairly big gulf between them." In addition, hardware developers reinvent old ways of doing things and only learn by making all the same mistakes that have been made before. It's sad, but true.
...
Neither of these senior open-source leaders buy into AI hype. Torvalds snarked, "It's hilarious to watch. Maybe I'll be replaced by an AI model!" As for Hohndel, he thinks most AI today is "autocorrect on steroids."

Torvalds summed up his attitude as, "Let's wait 10 years and see where it actually goes before we make all these crazy announcements."

 

AI can predict political orientations from blank faces – and researchers fear 'serious' privacy challenges


​

"Perhaps most crucially, our findings suggest that widespread biometric surveillance technologies are more threatening than previously thought," the study warned. "Previous research showed that naturalistic facial images convey information about political orientation and other intimate traits. But it was unclear whether the predictions were enabled by self-presentation, stable facial features, or both. Our results, suggesting that stable facial features convey a substantial amount of the signal, imply that individuals have less control over their privacy."

 

AI can predict political orientations from blank faces – and researchers fear 'serious' privacy challenges
View attachment 320564
​

Phrenology makes a stunning comeback...

Everything old is new again.

 

AI can predict political orientations from blank faces – and researchers fear 'serious' privacy challenges
View attachment 320564
​

OK, 50.00001% accuracy

 

OK, 50.00001% accuracy
View attachment 320566View attachment 320567

Yeah. I was gonna say the left always has those crazy eyes.

 

Yeah. I was gonna say the left always has those crazy eyes.

 

View attachment 320569View attachment 320571

Yeah. I was gonna say the left always has those crazy eyes.

then why is it that the one on the right looks creepier ?

 

then why is it that the one on the right looks creepier ?

Member's of the psychopath political orientation.

 

https://www.nbclosangeles.com/inves...ishandling-confidential-police-files/3396824/
Assistant LA County District Attorney faces felony charges for allegedly mishandling confidential police files

The head of the Los Angeles County District Attorney’s Office Ethics and Integrity Unit was charged Wednesday by the California Attorney General's Office -- with allegations she unlawfully accessed confidential files that contained legally-protected information about local law enforcement officers.

 

School principal was framed using AI-generated racist rant, police say. A co-worker is now charged.

​

After a meeting, Eiswert told police he believed the audio clip was falsified using AI. According to charging documents, Eiswert told police that he believed Darien was responsible. He said that Darien was "technologically savvy and believed he was familiar with AI," and that there had been conversations with Darien about his contract not being renewed the following semester due to frequent work performance challenges.

 

School principal was framed using AI-generated racist rant, police say. A co-worker is now charged.
View attachment 320770​

Thank goodness most criminals (and officials IMO acting like criminals) are clueless about the clues of criminality they leave.
https://www.lawcommentary.com/artic...s-officials-over-false-pedophilia-accusations
GAME OF THRONES ACTOR JOSEPH GATT FILES $40 MILLION LAWSUIT AGAINST LAPD AND LOS ANGELES OFFICIALS OVER FALSE PEDOPHILIA ACCUSATIONS

The legal complaint outlines a series of events leading to Gatt's arrest, citing an "obsessed" fan who initiated communication with the actor. Despite Gatt's insistence that his interactions with the fan were innocent and appropriate, the fan allegedly fabricated messages of a sexual nature, using a manipulated image of Gatt from his appearance on the TV show "Banshee." The lawsuit contends that law enforcement authorities failed to adequately assess the credibility of the accuser, resulting in Gatt being wrongfully charged with a "baseless crime" and being “publicly branded as a serial pedophile.”

Moreover, the lawsuit asserts that Deputy District Attorney Angela Brunson harbored personal biases and animosity towards Gatt due to his political views, which influenced the handling of the case. It alleges that Brunson ignored glaring inconsistencies in the evidence and overlooked vital information that would have exonerated Gatt.

The charges against Gatt were dismissed in February, and he is now seeking $40 million in damages for the egregious harm inflicted upon his career and reputation.

https://artvoice.com/2024/02/celebr...-clears-name-dda-brunsons-tactics-questioned/
Celebrity Scapegoat: Actor Joe Gatt Clears Name, DDA Brunson’s Tactics Questioned

 

I don't know if this fits neatly in this thread, but here goes.

Was watching a CBC (Canadian Broadcasting Corp) "in depth" news story about the skyrocketing car theft problem in Canada (Ontario in particular). They highlighted how easy it was for thieves to hack many models of cars to electronically override the locks and remote start systems to steal the cars. Of course, they had no shortage of people putting all the blame on the car manufacturers and asking why the owner should be burdened with having to install additional things to make the car harder to steal. A few things jumped out -- several people wanted to know why the police couldn't track THEIR stolen car and called on tracking systems to be required in new cars (of course, the reporter never bothered to ask these people if they had any qualms about the police or others being able to track their every movement any time they felt like it). They made a big deal about how it was insane that someone with the right equipment could pair a blank electronic key with the car in order to steal it (of course, the reporter never bothered to ask the people that thought this was insane if they thought it should be easier for someone that has lost their key fob to be able to have someone come out and quickly replace it with a new one). Then they had an outfit that touted their solution to the problem, which was to program the car's computer so that every time you got in you had to go through a specific sequence of steps, such as setting the heater fan to the second setting and then locking the rear door followed by flashing the high beams, before the car could start, calling it a type of PIN and claiming that this would prevent thieves from being able to start it. Several thoughts on this one came to mind: First, how many people are really going to want to go through a dance like this every time they get in their car. Second, what happens when they forget the secret dance -- or when a family member that seldom drives the car takes it somewhere and forgets the secret dance while they are there? Third, what do you do in the many circumstances that someone else needs to drive the car, such as valet parking, or an auto repair shop, or any of a host of other situations? Do you have to disclose your secret dance to all of these people? If so, then what's to prevent them from selling your secret dance to a car theft ring? If you can disable the secret dance in these situations, what's to prevent the thieves from figuring out how to hack the system and disabling it before they steal it. Finally, if the car thieves can use equipment to hack the car and reset codes or key fobs, just like a legitimate repair shop can, upon what basis do they contend that the thieves can't do the same thing with this system?

Another point that the story looked like it might be about to make, but then didn't, is that manufacturer-based security systems start out at a disadvantage compared to good aftermarket systems. If Car Company XYZ has the Stop Thief 3000 installed in all of their cars, the bad guys only have to invest the time and resources to figure out how to defeat the ST3k system and, if they succeed, they can now steal any XYZ car that has it -- and they know that if they walk up to an XYZ automobile, that it probably has the ST3k system in it. So they have a strong motivation to devote a lot of time and resources at defeating the ST3k. But if someone puts in an aftermarket system, the thief is at the disadvantage because they have to figure out that the car has an aftermarket system, and then which aftermarket system. Then they have to know how to defeat that particular aftermarket system, and since any given such system is going to have a much smaller fraction of the market, there is much less likelihood that the thieves will have been willing to spend the time and resources to figure out how to defeat it.

While there's a number of issues that these stories always miss or gloss over, the one that is almost never mentioned when they insist that the manufacturers are to blame is that customers have a long and well-established history of demanding convenience over security (not just about cars, either) and almost anything that is done to noticeably improve security is going to have a negative impact on that all-important convenience. People want to be able to start their car without having to take a key out of their pocket, yet are dumbfounded when the bad guys figure out how to intercept, record, analyze, and then spoof the very signals that make this possible.

I have a '93 Yukon that has a pretty effective device in it -- there's a module on the engine that has a button on it that, if depressed, grounds the ignition coils. I don't know if it was a factory option or not. It doesn't look like any kind of anti-theft system and the button is hard to see. I only know about it because a mechanic accidentally activated it and spent an entire day trying to figure out why the ignition system had suddenly died. But do I use it? Almost never. Too inconvenient to pop the hood, push the button, and close the hood. Then again, it's a '93 Yukon. I never lock the doors and I leave the key in the console between the front seats. Perhaps the best theft-deterrence system is simply to drive a vehicle that no one in their right mind would want to steal.

 

Of course, they had no shortage of people putting all the blame on the car manufacturers and asking why the owner should be burdened with having to install additional things to make the car harder to steal.

I say the same about certain operating systems.

 

I say the same about certain operating systems.

And the same observation applies -- people want to scream about the lack of security, yet scream if the security is improved at the expense of convenience. Case in point, Windows Vista.

This is a point that the Linux community never seems to grasp when they wonder why Linux has never been able to make significant inroads with everyday consumers. My stepmother would be a shining case in point -- she can download and install programs on her Windows machine and use them to do lots of things without having to know anything about how any of it works or is configured or is managed. If she had to work with a Linux box, she would be dead in the water. Now, does this mean that she's opening herself up to a host of vulnerabilities because she can install and run programs without having to jump through all kinds of hoops? Yep. No question.

As with nearly everything, it's a tradeoff. Improving confidentiality and integrity of a system usually diminishes the availability of it, and vice-versa. If you want a really computer that the bad guys aren't going to hack into, put it in a big wooden box, fill the box with concrete, and drop the box into the middle of the Pacific Ocean. But you have not achieved information security if you there are any legitimate users that need to access that system.

I think the Linux faces a hidden, perhaps insurmountable, barrier in this regard -- the very things that it would need to incorporate in order to be usable by the overwhelming majority of everyday computer users, such as my stepmom, would likely result in the very things that make it so strong for the people that like it now having to be compromised. Of course, there are those that would just say that all it takes is yet another Linux distro that caters to the everyday user (and several distros claim that they are exactly that), but none of them go anywhere far enough in that direction and still require that the user be able to perform admin-level tasks that the everyday user simply isn't up to doing -- of is even slightly interested in learning how to do.