Source: Hacker News
Source: Hacker News
Source: Schneier on Security
The company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis.
Source: Hyperbole and a Half
Hello.
This is an announcement.
Out of all the places I could have put an announcement, I will admit that it probably doesn't make the most logistical sense to put it here.
If I'd had the opportunity to put it somewhere that makes more sense for announcing things, such as Facebook or Twitter, I promise you I would have done that. However—and please don't become too distracted by this—but the vast majority of my social media accounts were hacked sometime back by an extremely persistent individual or entity whom I have thus far been unsuccessful at defeating, so I do not currently have anywhere else to put this.
Moving on.
As we discussed, there is an announcement. Soon it will be upon us. But first, a warm-up announcement:
I told you this because I thought it might lend some credibility to the actual announcement, which is that I wrote a second book. For real this time. The book is finished. It has 518 pages. There is no going back at this point. There's a super official book page and everything.
As is tradition, a variety of ordering experiences are available.
For example, if you wish to be taken directly to the book page with no extra fanfare, please click the regular button:
If you wish to use a larger button to go directly to the book page, please click the big button:
If you wish to have a more difficult experience, the hard button is for you:
If you do not wish to interact with the book any further, please follow this button to safety:
If you want to feel slightly weirder than you currently do before visiting the book page, please click here:
If you wish for me to apologize for writing the book and/or for the bird collage, that option is also available:
If you just want to click a bunch of buttons, please go here:
---------------------------------------------------------------------------------
Okay. The announcement is complete. We may now proceed to the bonus phase.
Perhaps this event was not promotional enough for you. Perhaps you wish to be subjected to a truly unnecessary level of marketing both related and unrelated to my book. Perhaps you simply wish to experience the future in whatever form it takes. If this is the case, I have great news for you:
I recently learned how to use Instagram, and over the next several days, I intend to explore the limits of its potential, possibly even discovering new ways of using it. I will be relentless, and you will regret becoming involved, but you do have the opportunity to become involved if you wish. It's also completely possible that I decide against this and just post extreme close-ups of my belly button. Or something else could happen. One can never know these things.
Thank you for your time and patience. I hope you can find it in your hearts to still respect me after this.
-Allie
Source: Ars Technica
Enlarge / A fluorescent image of cardiac muscle cells in culture. (credit: Douglas B. Cowan and James D. McCully, Harvard Medical School)
Coronaviruses spread primarily through material released when we breathe, and they cause respiratory symptoms. And SARS-CoV-2, with part of its name coming from "severe acute respiratory syndrome," didn't appear to be an exception. But as time went on, additional symptoms became clear—loss of smell, digestive-tract issues—and these weren't likely to be due to infection of the respiratory tract. And over time, what also became apparent is that the symptoms didn't necessarily fade when the virus was cleared.
As we've studied the virus more, we've learned that the protein it uses to latch on to cells is present in a lot of different tissues in the body, suggesting that a wide variety of different effects could be the direct product of infections of the cells there. This week, the effect that seems to be grabbing attention is heart problems, spurred by a Scientific American article that (among other things) considers the stories of professional and college athletes who have been infected. That was followed by a report that roughly 30 percent of college athletes who've contracted the virus end up with inflammation of the heart muscle, called myocarditis—a number that ESPN is now saying is an accidental exaggeration.
Both reports are heavy on anecdote, but this is not a new thing; ESPN had reported on myocarditis in college athletes back in early August. And, more significantly, the scientific community has been looking into the issue for months. So far, its conclusion is that there are likely to be heart complications, even in patients who had mild COVID-19 symptoms. But the long-term implications of these problems aren't yet clear.
Read 11 remaining paragraphs | Comments
Source: Hacker News
Source: The Verge - All Posts
Illustration by Alex Castro / The Verge
Apple has to pay store employees in California for the time they spend waiting for their bags to be checked by security officers, an appeals court ruled this week.
The US Court of Appeals for the Ninth Circuit issued the ruling Wednesday, which reverses a summary judgment order in Apple’s favor, as first reported by Law.com. The ongoing case started in 2015 when a group of Apple retail workers in California filed a class action suit arguing that under state law, they should be paid if they wait for bag searches, which the company requires but did not consider on-the-job time.
California’s Supreme Court ruled in February that state law required Apple to pay employees for the time they spent waiting for a manager or security officer to...
Source: Hack a Day
[Serge Vaudenay] and [Martin Vuagnoux] released a video yesterday documenting a privacy-breaking flaw in the Apple/Google COVID-tracing framework, and they’re calling the attack “Little Thumb” after a French children’s story in which a child drops pebbles to be able to retrace his steps. But unlike Hänsel and Gretl with the breadcrumbs, the goal of a privacy preserving framework is to prevent periodic waypoints from allowing you to follow anyone’s phone around. (Video embedded below.)
The Apple/Google framework is, in theory, quite sound. For instance, the system broadcasts hashed, rolling IDs that prevent tracing an individual phone for more than fifteen minutes. And since Bluetooth LE has a unique numeric address for each phone, like a MAC address in other networks, they even thought of changing the Bluetooth address in lock-step to foil would-be trackers. And there’s no difference between theory and practice, in theory.
In practice, [Serge] and [Martin] found that a slight difference in timing between changing the Bluetooth BD_ADDR and changing the COVID-tracing framework’s rolling proximity IDs can create what they are calling “pebbles”: an overlap where the rolling ID has updated but the Bluetooth ID hasn’t yet. Logging these allows one to associate rolling IDs over time. A large network of Bluetooth listeners could then trace people’s movements and possibly attach identities to chains of rolling IDs, breaking one of the framework’s privacy guarantees.
This timing issue only affects some phones, about half of the set that they tested. And of course, it’s only creating a problem for privacy within Bluetooth LE range. But for a system that’s otherwise so well thought out in principle, it’s a flaw that needs fixing.
Why didn’t the researchers submit a patch? They can’t. The Apple/Google code is mostly closed-source, in contrast to the open-source nature of most of the apps that are running on it. This remains troubling, precisely because the difference between the solid theory and the real practice lies exactly in those lines of uninspectable code, and leaves all apps that build upon them vulnerable without any recourse other than “trust us”. We encourage Apple and Google to make the entirety of their COVID framework code open. Bugs would then get found and fixed, faster.
Source: Ars Technica
Enlarge (credit: Page Light Studios)
Federal courts in the Chicago area have three times rejected government applications for warrants to force Google to produce a list of smartphones near two particular commercial establishments during one of three 45-minute intervals. The most recent ruling was handed down last week and was recently made public.
The decisions are significant because Google has reported massive growth in law enforcement use of such "geofence" searches. Google says there was a 1,500-percent increase between 2017 and 2018 and a further 600-percent jump from 2018 to 2019. That's a hundredfold increase in two years. Google received 180 geofence search requests a week during 2019, according to CNet.
Google is a popular target for this kind of request because almost everyone uses Google products in one way or another. Google's Android controls a majority of the smartphone market, and even most users who run iPhones use apps like Google Maps and Gmail. Moreover, Google frequently has GPS data that places a user's phone to within a few meters—much more accurate than the tower location data law enforcement can get from wireless providers.
Read 11 remaining paragraphs | Comments
Source: Slashdot
The National Security Agency program that swept up details on billions of Americans' phone calls was illegal and possibly unconstitutional, a federal appeals court ruled Wednesday. From a report: However, the unanimous three-judge panel of the 9th Circuit Court of Appeals said the role the so-called telephone metadata program played in a criminal terror-fundraising case against four Somali immigrants was so minor that it did not undermine their convictions. The long-awaited decision is a victory for prosecutors, but some language in the court's opinion could be viewed as a rebuke of sorts to officials who defended the snooping by pointing to the case involving Basaaly Moalin and three other men found guilty by a San Diego jury in 2013 on charges of fundraising for Al-Shabaab. Judge Marsha Berzon's opinion, which contains a half-dozen references to the role of former NSA contractor and whistleblower Edward Snowden in disclosing the NSA metadata program, concludes that the "bulk collection" of such data violated the Foreign Intelligence Surveillance Act. The call-tracking effort began without court authorization under President George W. Bush following the Sept. 11, 2001, terrorist attacks. A similar program was approved by the secretive FISA Court beginning in 2006 and renewed numerous times, but the 9th Circuit panel said those rulings were legally flawed.
Read more of this story at Slashdot.
