
Submission + - Florida man accused of using AI to create child porn (cbsnews.com)

An anonymous reader writes: Detectives have arrested a Florida man for allegedly using artificial intelligence to create child pornography images of a young neighbor.

Investigators said Daniel Clark Warren, 51, took a photo of a young girl who lived in his neighborhood and then used AI to remove her clothes and put her in sexual situations.

"It's pretty scary when you look at this stuff. If you just looked at it briefly, you would think it's a real photograph," said Martin County Sheriff's Detective Brian Broughton. "He takes the face of a child and then he sexualizes that, removes the clothing and poses the child and engages them in certain sexual activity."

Warren was arrested in January on a tip. He's facing 14 felony child pornography counts and is in jail on a $1.5 million bond. Detectives are working to determine if there are any other related cases.

Nine US states currently have laws against the creation or sharing of non-consensual deepfake photography, which are synthetic images created to mimic one's likeness.

Submission + - Inadequate security measures led to Microsoft breach (apnews.com)

quonset writes: On Tuesday, the Cyber Safety Review Board released a report laying blame on Microsoft for its shoddy cybersecurity practices, lax corporate culture and a lack of sincerity about the company’s knowledge of a targeted breach, which affected multiple U.S. agencies that deal with China last year. In short, a cascade of errors let state-backed Chinese cyber operators break into email accounts of senior U.S. officials including Commerce Secretary Gina Raimondo.

The panel said the intrusion, discovered in June by the State Department and dating to May “was preventable and should never have occurred,” blaming its success on “a cascade of avoidable errors.” What’s more, the board said, Microsoft still doesn’t know how the hackers got in.

The panel made sweeping recommendations, including urging Microsoft to put on hold adding features to its cloud computing environment until “substantial security improvements have been made.”

It said Microsoft’s CEO and board should institute “rapid cultural change” including publicly sharing “a plan with specific timelines to make fundamental, security-focused reforms across the company and its full suite of products.”

In all, the state-backed Chinese hackers broke into the Microsoft Exchange Online email of 22 organizations and more than 500 individuals around the world including the U.S. ambassador to China, Nicholas Burns — accessing some cloud-based email boxes for at least six weeks and downloading some 60,000 emails from the State Department alone, the 34-page report said. Three think tanks and four foreign government entities, including Britain’s National Cyber Security Center, were among those compromised, it said.

Submission + - Things Programmers Say On 4/1

theodp writes: Developers, tell me it's April Fool's Day without telling me it's April Fool's Day:

@ "Don't worry about missed deadlines — we're using Agile, Scrum, and Jira now!"
@ "I can't believe how much money and time we've saved with the Cloud!"
@ "Thanks to ChatGPT, you can cut all my coding and testing time estimates by half!"
@ "Why would I resent being micromanaged by a Product Manager who can't be bothered to seek my input or try to understand what I do?"
@ "Don't worry about quality, we've tested every line of code with every possible combination of data values!"
@ "Thank goodness our Sr. Management is being advised by Accenture, McKinsey, and Gartner!"
@ "Of course, we can block every bad thing on the Internet with a minimal staff!"
@ "Just because this has never worked anywhere else doesn't mean it can't work here!"
@ "We can always cut back on coding and testing time to make sure we get these PowerPoint presentations right!"
@ "Hey, why don't we get people who no longer program to dictate the programming/architecture standards that must be followed?"
@ "Just because Amazon, Apple, and Microsoft PhDs make mistakes doesn't mean we should expect any less than a 0% error rate from our people!"
@ "There's no excuse for testing with anything but fully synthetic data when the tools make it so simple for even the most complicated data!"
@ "I thought it'd be impossible to identify everywhere that data comes from, how it's transformed, where it goes, and how it's used and by whom, but Data Governance and Audit did the hard part by giving us Excel templates (with no filled-in examples) to fill out to document it all!"
@ "Don't worry about security — each request and every person in our global organization as well as contractors is thoroughly vetted to ensure every element they're permitted to access is justified!"
@ "How is HR so spot-on with making sure each person gets the fair review and compensation they deserve?"
@ "Why should I be paid extra for being on call when it's nobody's fault but my own if anything goes wrong?"
@ "It's incredible how refactoring code makes even the most complex code drop dead simple to understand!"
@ "Thankfully office politics plays no role in how decisions are made here!"
@ "Isn't it great that we have whole departments whose job is only to tell you what you're doing wrong, not what's right?"
@ "Just because the most brilliant minds at tech giants can't solve certain problems doesn't mean your team shouldn't be expected to do so during the next sprint!"
@ "Even if your CI/CD requirements are impossible, it's my fault if my code and tests can't pass them!"
@ "Why shouldn't we be able to come up with precise estimates for incomplete requirements for something that's never been done before without any idea of who's going to be working on it or what technology they'll be using!"

Submission + - Truth Social seems to have a very, very bad bug

An anonymous reader writes: It seems that Trump's Truth Social (which runs an old version of the Mastodon source code) has a very bad bug: users can post a crafted message that potentially gives root access. Such an attacker could, for example, send arbitrary alerts to users (perhaps tricking them into installing malicious apps).

See Ryan Baumann's Mastodon post for details, and this old Ars Technica post about the vulnerability.

Submission + - Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds (wired.com)

An anonymous reader writes: When thousands of security researchers descend on Las Vegas every August for what's come to be known as “hacker summer camp,” the back-to-back Black Hat and Defcon hacker conferences, it's a given that some of them will experiment with hacking the infrastructure of Vegas itself, the city's elaborate array of casino and hospitality technology. But at one private event in 2022, a select group of researchers were actually invited to hack a Vegas hotel room, competing in a suite crowded with their laptops and cans of Red Bull to find digital vulnerabilities in every one of the room's gadgets, from its TV to its bedside VoIP phone. One team of hackers spent those days focused on the lock on the room's door, perhaps its most sensitive piece of technology of all. Now, more than a year and a half later, they're finally bringing to light the results of that work: a technique they discovered that would allow an intruder to open any of millions of hotel rooms worldwide in seconds, with just two taps.

Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries. By exploiting weaknesses in both Dormakaba's encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock. Their technique starts with obtaining any keycard from a target hotel—say, by booking a room there or grabbing a keycard out of a box of used ones—then reading a certain code from that card with a $300 RFID read-write device, and finally writing two keycards of their own. When they merely tap those two cards on a lock, the first rewrites a certain piece of the lock's data, and the second opens it.

Dormakaba says that it's been working since early last year to make hotels that use Saflok aware of their security flaws and to help them fix or replace the vulnerable locks. For many of the Saflok systems sold in the last eight years, there's no hardware replacement necessary for each individual lock. Instead, hotels will only need to update or replace the front desk management system and have a technician carry out a relatively quick reprogramming of each lock, door by door. Wouters and Carroll say they were nonetheless told by Dormakaba that, as of this month, only 36 percent of installed Safloks have been updated. Given that the locks aren't connected to the internet and some older locks will still need a hardware upgrade, they say the full fix will still likely take months longer to roll out, at the very least. Some older installations may take years.

Submission + - Tesla Hack Earns $200,000 at Pwn2Own 2024 (securityweek.com)

wiredmikey writes: A team from cybersecurity firm Synacktiv earned $200,000 at Pwn2Own for an integer overflow exploit targeting Tesla's electronic control unit (ECU) with CAN bus control. In addition to the money, the researchers won a new Tesla Model 3.

Participants have earned more than $700,000 on the first day of the Pwn2Own Vancouver 2024 hacking competition, successfully demonstrating exploits against a Tesla car, Linux and Windows operating systems, and various pieces of widely used software.

Submission + - The Phone-Based Childhood (theatlantic.com)

sinij writes:

Once young people began carrying the entire internet in their pockets, available to them day and night, it altered their daily experiences and developmental pathways across the board. Friendship, dating, sexuality, exercise, sleep, academics, politics, family dynamics, identity — all were affected.

It is horrifying what kids and young adults have to go through to find their place in the modern, mandatory online, social system. You no longer have to only navigate school yard politics; now the entire Internet full of random crazy people, and malicious data-siphoning corporations, and radical activists all have direct access to minds and psyche of still-forming adolescents. Yet we mostly leave adolescents to figure it out themselves? No wonder so many turn into depressed shut-ins.

Submission + - Voyager 1 Sends Memory Dump (scientificamerican.com)

Thelasko writes: ...in early March, something changed. In response to a command, instead of beaming back absolute gibberish, the spacecraft sent a string of numbers that looked more familiar. It proved to be a Rosetta stone moment. Soon an unnamed engineer at NASA's Deep Space Network—the globe-girdling array of radio dishes that relays information from Earth to spacecraft—had learned how to speak Voyager 1's jumbled language.

After translating that vaguely familiar portion of the spacecraft's transmission, the team could see that it contained a readout of the flight data system's memory.

Submission + - Trump launched CIA covert influence operation against China (reuters.com)

An anonymous reader writes: Two years into office, President Donald Trump authorized the Central Intelligence Agency to launch a clandestine campaign on Chinese social media aimed at turning public opinion in China against its government, according to former U.S. officials with direct knowledge of the highly classified operation.

Three former officials told Reuters that the CIA created a small team of operatives who used bogus internet identities to spread negative narratives about Xi Jinping’s government while leaking disparaging intelligence to overseas news outlets. The effort, which began in 2019, has not been previously reported.

The CIA team promoted allegations that members of the ruling Communist Party were hiding ill-gotten money overseas and slammed as corrupt and wasteful China’s Belt and Road Initiative, which provides financing for infrastructure projects in the developing world, the sources told Reuters.

Although the U.S. officials declined to provide specific details of these operations, they said the disparaging narratives were based in fact despite being secretly released by intelligence operatives under false cover. The efforts within China were intended to foment paranoia among top leaders there, forcing its government to expend resources chasing intrusions into Beijing’s tightly controlled internet, two former officials said. “We wanted them chasing ghosts,” one of these former officials said.

Submission + - Graphene, a wondrous material, starts to prove useful (economist.com)

echo123 writes: GRAPHENE is strong, lightweight, flexible and an excellent conductor of electricity. In the 20 years since it was first isolated at the University of Manchester, however, it has also proved dispiritingly light in useful applications. That is slowly beginning to change, as its remarkable properties keep researchers well-stocked with inspiration. For Krzysztof Koziol at Cranfield University in Britain, for example, what began as a covid-era plan to use graphene to improve surgical gloves has now morphed into a project to use high-altitude balloons to launch satellites into space.

Graphene, which consists of monolayers of carbon atoms bonded in a repeating hexagonal pattern, can be made in a number of ways, mostly by stripping flakes of carbon from mined graphite (sticky tape and pencil lead will do). Levidian Nanosystems, a Cambridge firm, uses a more sustainable process. It captures methane, a potent greenhouse gas, from various industrial sources, and then zaps it with microwaves inside a reaction chamber. This cracks the gas into its constituent parts, with hydrogen emerging at the top and graphene flakes at the bottom.

Dr Koziol leads a team of researchers who work with Levidian on a variety of graphene-based applications, from reinforcing aircraft, cars and wind turbines to lining gas pipelines. In 2019, they also worked with Meditech Gloves, a Malaysian firm, to improve its surgical and examination gloves. The company makes these from latex, a mixture of water and natural rubber tapped from the bark of rubber trees. As some people are allergic to proteins found in latex, most medical gloves tend to be made from petroleum-based nitrile rubber instead. As covid took hold, some 80m pairs of gloves were being used by health workers every month, with the nitrile ones ending up in landfill. There, they could take roughly 100 years to decompose.

Submission + - Lead from gasoline blunted the IQ of about half the U.S. population, study says (nbcnews.com)

ArchieBunker writes: Exposure to leaded gasoline lowered the IQ of about half the population of the United States, a new study estimates.

The peer-reviewed study, published Monday in the journal Proceedings of the National Academy of Sciences, focuses on people born before 1996 — the year the U.S. banned gas containing lead.

Overall, the researchers from Florida State University and Duke University found, childhood lead exposure cost America an estimated 824 million points, or 2.6 points per person on average.

Certain cohorts were more affected than others. For people born in the 1960s and the 1970s, when leaded gas consumption was skyrocketing, the IQ loss was estimated to be up to 6 points and for some, more than 7 points. Exposure to it came primarily from inhaling auto exhaust.

Submission + - Rising Temperatures and Heat Shocks Prompt Job Relocations, Study Finds (techtarget.com)

dcblogs writes: A recent study in the National Bureau of Economic Research has found that companies are quietly adapting to rising temperatures by shifting operations from hotter to cooler locations.

The researchers analyzed data from 50,000 companies between 2009 and 2020. To illustrate the economic impact, the researchers found that when a company with equal employment across two counties experiences a heat shock in one county, there is a subsequent 0.7% increase in employment growth in the unaffected county over a three-year horizon. The finding is significant, given that the mean employment growth for the sample of businesses in the study is 2.4%.

Heat shocks, characterized by their severe impact on health, energy grids, and increased fire risks, are influencing companies with multiple locations to reconsider their geographical distribution of operations.

Despite this trend, states like Arizona and Nevada, which have some of the highest heat-related death tolls, continue to experience rapid business expansion. Experts believe that factors such as labor pool, taxes, and regulations still outweigh environmental climate risks when it comes to business site selection. But heat-associated deaths are on the rise. The Phoenix area alone experienced 425 heat-related deaths in 2022 and a similar number in 2023, record highs for this region.

The study suggests that the implications of climate change on business operations are becoming more apparent. Companies are beginning to evaluate climate risks as part of their regular risk assessment process.
