Uber's Indian arm has started using its app to offer rideshare and delivery drivers the chance to make money by classifying data used by AI systems. From a report: Megha Yethadka, global head of Uber AI Solutions, revealed the new gigs in a Thursday LinkedIn post in which she said drivers sometimes have downtime during the day or might want to make some extra cash after hours. Yethadka said the work can involve reviewing photos, counting objects, classifying text, recording audio, or digitizing receipts.

She said the gigs are "Powering our enterprise customers worldwide for their gen AI models or consumer applications." "Until now, these tasks were completed by independent contractors outside the app," Yethadka wrote. "The early results are very promising, and we're eager to scale this further." In an accompanying video, she mentioned "worldwide" expansion for the offering. Prabhjeet Singh, Uber's president for India and South Asia, said the gigs are available in 12 cities and that "tens of thousands of drivers" are already performing what Uber calls "digital tasks."

To comply with the EU's Digital Markets Act, Meta is rolling out changes to give users in Europe the ability to unlink their Facebook, Messenger and Instagram accounts. Neowin reports: One key choice users will have is how information is shared between Facebook and Instagram. Instagram and Facebook users will be able to choose whether or not they want information shared between the apps. Those who currently have connected Instagram and Facebook accounts can opt to keep sharing data between the apps or separate their accounts. Furthermore, Messenger is getting a standalone option. Users can continue using Messenger with their Facebook account or create a new account completely independent of Facebook. This new Messenger account will still offer core features like messaging, chat, and voice/video calls, but without Facebook.

For Facebook Marketplace, the options will be a personalized marketplace experience that taps into Facebook profiles or an anonymized experience where buyers and sellers only communicate via email instead of Messenger. For gamers, Meta offers a similar choice to Facebook Gaming. Users can keep their Facebook info linked for access to features like multiplayer, in-game purchases, and personalized recommendations. Alternatively, they can opt for a Facebook-free gaming experience. Finally, an option introduced in November 2023 remains relevant -- European users can choose to pay a subscription to Facebook and Instagram ad-free. It ensures that their information is not used for targeted advertising.

Online counseling company BetterHelp has agreed to pay $7.8 million to settle charges from the Federal Trade Commission that it improperly shared customers' sensitive data with companies like Facebook and Snapchat, even after promising to keep it private. The Verge reports: The proposed order, announced by the FTC on Thursday, would ban the same behavior in the future and require BetterHelp to make some changes to how it handles customer data. According to the regulator, the sign-up process for the company's service "promised consumers that it would not use or disclose their personal health data except for limited purposes." However, the FTC alleges that the company instead "used and revealed consumers' email addresses, IP addresses, and health questionnaire information to Facebook, Snapchat, Criteo, and Pinterest for advertising purposes."

The FTC also says that the company gave customer service agents false scripts to try and reassure users that it wasn't sharing personally identifiable or personal health information after a February 2020 report from Jezebel exposed some of its practices. The commission's complaint (PDF) accuses the company of misleading customers by putting a HIPAA seal on its website, despite the fact that "no government agency or other third party reviewed [BetterHelp]'s information practices for compliance with HIPAA, let alone determined that the practices met the requirements of HIPAA."

If the FTC's order ends up going through, the $7.8 million would go to customers who signed up for the service between August 1st, 2017, and December 31st, 2020. Here are some of the other things BetterHelp would be required to do:

- Stop sharing individually identifiable information about consumer's mental health with any third parties
- Stop misrepresenting its data collection and use policies
- Alert customers who created accounts before January 1st, 2021, that their personal info may have been used for advertising
- Obtain "affirmative express consent" from a customer before sharing information with a third party
- Reach out to third parties that received customer information and ask that it be deleted
- Establish a "comprehensive privacy program" and have an independent third party carry out privacy assessments

The development team behind the open-source password management software KeePass is disputing what is described as a newly found vulnerability that allows attackers to stealthily export the entire database in plain text. BleepingComputer reports: KeePass is a very popular open-source password manager that allows you to manage your passwords using a locally stored database, rather than a cloud-hosted one, such as LastPass or Bitwarden. To secure these local databases, users can encrypt them using a master password so that malware or a threat actor can't just steal the database and automatically gain access to the passwords stored within it. The new vulnerability is now tracked as CVE-2023-24055, and it enables threat actors with write access to a target's system to alter the KeePass XML configuration file and inject a malicious trigger that would export the database, including all usernames and passwords in cleartext. The next time the target launches KeePass and enters the master password to open and decrypt the database, the export rule will be triggered, and the contents of the database will be saved to a file the attackers can later exfiltrate to a system under their control. However, this export process launches in the background without the user being notified or KeePass requesting the master password to be entered as confirmation before exporting, allowing the threat actor to quietly gain access to all of the stored passwords. [...]

While the CERT teams of Netherlands and Belgium have also issued security advisories regarding CVE-2023-24055, the KeePass development team is arguing that this shouldn't be classified as a vulnerability given that attackers with write access to a target's device can also obtain the information contained within the KeePass database through other means. In fact, a "Security Issues" page on the KeePass Help Center has been describing the "Write Access to Configuration File" issue since at least April 2019 as "not really a security vulnerability of KeePass." If the user has installed KeePass as a regular program and the attackers have write access, they can also "perform various kinds of attacks." Threat actors can also replace the KeePass executable with malware if the user runs the portable version.

"In both cases, having write access to the KeePass configuration file typically implies that an attacker can actually perform much more powerful attacks than modifying the configuration file (and these attacks in the end can also affect KeePass, independent of a configuration file protection)," the KeePass developers explain. "These attacks can only be prevented by keeping the environment secure (by using an anti-virus software, a firewall, not opening unknown e-mail attachments, etc.). KeePass cannot magically run securely in an insecure environment." If the KeePass devs don't release a version of the app that addresses this issue, BleepingComputer notes "you could still secure your database by logging in as a system admin and creating an enforced configuration file."

"This type of config file takes precedence over settings described in global and local configuration files, including new triggers added by malicious actors, thus mitigating the CVE-2023-24055 issue."

An anonymous reader quotes a report from Gizmodo: The Royal Society is the UK's national academy of sciences. On Wednesday, it published a report on what it calls the "online information environment," challenging some key assumptions behind the movement to de-platform conspiracy theorists spreading hoax info on topics like climate change, 5G, and the coronavirus. Based on literature reviews, workshops and roundtables with academic experts and fact-checking groups, and two surveys in the UK, the Royal Society reached several conclusions. The first is that while online misinformation is rampant, its influence may be exaggerated, at least as far as the UK goes: "the vast majority of respondents believe the COVID-19 vaccines are safe, that human activity is responsible for climate change, and that 5G technology is not harmful." The second is that the impact of so-called echo chambers may be similarly exaggerated and there's little evidence to support the "filter bubble" hypothesis (basically, algorithm-fueled extremist rabbit holes). The researchers also highlighted that many debates about what constitutes misinformation are rooted in disputes within the scientific community and that the anti-vax movement is far broader than any one set of beliefs or motivations.

One of the main takeaways: The government and social media companies should not rely on "constant removal" of misleading content [because it is] not a "solution to online scientific misinformation." It also warns that if conspiracy theorists are driven out of places like Facebook, they could retreat into parts of the web where they are unreachable. Importantly, the report makes a distinction between removing scientific misinformation and other content like hate speech or illegal media, where removals may be more effective: "... Whilst this approach may be effective and essential for illegal content (eg hate speech, terrorist content, child sexual abuse material) there is little evidence to support the effectiveness of this approach for scientific misinformation, and approaches to addressing the amplification of misinformation may be more effective. In addition, demonstrating a causal link between online misinformation and offline harm is difficult to achieve, and there is a risk that content removal may cause more harm than good by driving misinformation content (and people who may act upon it) towards harder-to-address corners of the internet."

Instead of removal, the Royal Society researchers advocate developing what they call "collective resilience." Pushing back on scientific disinformation may be more effective via other tactics, such as demonetization, systems to prevent amplification of such content, and fact-checking labels. The report encourages the UK government to continue fighting back against scientific misinformation but to emphasize society-wide harms that may arise from issues like climate change rather than the potential risk to individuals for taking the bait. Other strategies the Royal Society suggests are continuing the development of independent, well-financed fact-checking organizations; fighting misinformation "beyond high-risk, high-reach social media platforms"; and promoting transparency and collaboration between platforms and scientists. Finally, the report mentions that regulating recommendation algorithms may be effective.

During the company's first appearance at a U.S. congressional hearing, TikTok executive Michael Beckerman said it does not give information to the Chinese government and has sought to safeguard U.S. data. Reuters reports: Michael Beckerman, TikTok's head of public policy for the Americas, became the company's first executive to appear before Congress, testifying to a subcommittee of the Senate Commerce Committee. Republicans in particular pressed Beckerman on worries regarding TikTok's stewardship of data on the app's users. Senator Marsha Blackburn, the panel's top Republican, said she is concerned about TikTok's data collection, including audio and a user's location, and the potential for the Chinese government to gain access to the information. Blackburn questioned Beckerman on whether TikTok could resist giving data to China's government if material were to be demanded. "We do not share information with the Chinese government," Beckerman responded.

Under questioning by Republican Senator Ted Cruz, Beckerman said that TikTok has "no affiliation" with Beijing ByteDance Technology, a ByteDance entity at which the Chinese government took a stake and a board seat this year. Beckerman also testified that TikTok's U.S. user data is stored in the United States, with backups in Singapore. "We have a world-renowned U.S. based security team that handles access," Beckerman said. Republican Senator John Thune said TikTok is perhaps more driven by content algorithms than even Facebook, as the app is famous for quickly learning what users find interesting and offering them those types of videos. Beckerman said TikTok would be willing to provide the app's algorithm moderation policies in order for the Senate panel to have it reviewed by independent experts.

The case for robot umpires in baseball got some new interest this week — especially for Silicon Valley's baseball fans. As America settled in to watch the final inning of this year's National League Division Series, the Washington Post reports that (human) viewers saw a (human) umpire "call a third strike on a checked swing by San Francisco Giants infielder Wilmer Flores...ending the night, and season, of MLB's best team of 2021." (Though instead of swinging "Flores clearly appeared to hold up.")

But the backlash raises the question of whether a so-called robo-umpire — essentially, a set of highly placed and well-programmed cameras — could have automatically adjudicated the checked swing...

It's not a hypothetical question: MLB is in the middle of a three-year partnership with the independent Atlantic League for just such a robo-umpire, a system called Automatic Balls and Strikes (ABS), that this past season rendered a home-plate umpire moot for his most important job. MLB hasn't given a timetable for when the system could reach the big leagues, but it's clearly a trial balloon. ABS is overseen by TrackMan, a Denmark-based start-up that began by helping golfers with their swing and then expanded to baseball before broadening again to auto-officiating responsibilities. Under their ABS system, players are measured for a strike zone before the season, with their info then fed into the machine. Then, during the game, the company's sensor in the stands behind home plate uses Doppler technology to determine where the ball is thrown and where it should have been thrown based on the player's strike zone. The sensor then relays the call to, well, whoever wants to hear it. In the case of the Atlantic League, this is an actual umpire behind the plate who, in an ironic reversal, is a human who simply does what the machine tells him to do and announces the call.

The system is not being used for checked swings, but the technology is equally applicable; it makes little difference whether a ball is crossing the plate in one direction or a bat crosses it the other way...

But accuracy is only part of the equation. Presumably TrackMan could have made the right call — but what effect would such automation have on us socially? An argument can be made that it would increase consumer confidence and eliminate discord; an equal argument could be made the other way, that subjectivity is what makes the public realm, or at least baseball, a dynamic and interesting place.

The Flores checked swing, in other words, gets at the question that stretches across much of innovation: Just because we could, does that mean we should?
"Some fans have questioned whether judgment calls are part of the fun of baseball and a legalistic rendering is contrary to the spirit of the game," the article points out. And another issue: currently catchers will sometimes even move their glove with the caught ball so it looks like it passed through the strike zone when it didn't. (Or, as Deadspin puts it, "It's lying about where the pitch came in to fool the umpire into giving your team a strike when he shouldn't have." Though they call it "a beautiful art that defines the catcher position... and it will be rendered useless by the emergence of robot umpires.")

Deadspin tracked down the President of TrackMan Baseball, who said that after an entire season of use in the Atlantic league, "Our system was accurate to about a half-inch, and we do this at hundreds of baseball stadiums every single day." But Deadspin worries that if it's actually implemented in Major League Baseball stadium, then pitchers would be afraid to throw borderline pitches, and would be forced to throw more balls over the plate. While endless hits and home runs might sound exciting, it would only lengthen an already slow sport, and the high that comes from witnessing incredible offensive feats would slowly fade as they would become more commonplace.

"A group of ten EU countries, led by France, have asked the European Commission to recognize nuclear power as a low-carbon energy source that should be part of the bloc's decades-long transition towards climate neutrality," reports EuroNews. While greenhouse gas emissions from nuclear plants are "comparable" to those released by hydropower and wind, critics argue that the resulting radioactive waste is harmful to human health and the environment. "Despite the urgency to combat climate change, member states are still unable to reach a consensus on whether nuclear constitutes a green or dirty energy source," adds EuroNews. From the report: Tapping into Europe's ongoing energy crunch, the countries make the case for nuclear energy as a "key affordable, stable and independent energy source" that could protect EU consumers from being "exposed to the volatility of prices." The letter, which was initiated by France, has been sent to the Commission with the signature of nine other EU countries, most of which already count nuclear as part of their national energy mix: Bulgaria, Croatia, Czech Republic, Finland, Hungary, Poland, Slovakia, Slovenia and Romania. Nuclear plants generate over 26% of the electricity produced in the European Union.
[...]
Despite the urgency to combat climate change, member states are still unable to reach a consensus on whether nuclear constitutes a green or dirty energy source. The Commission has postponed the crucial decision to let countries conclude the debate. On the one side, Germany, which plans to shut down all its reactors by 2022, is leading the anti-nuclear cause, together with Austria, Denmark, Luxembourg and Spain. "We are concerned that including nuclear power in the taxonomy would permanently damage its integrity, credibility and therefore its usefulness," they wrote in July.

On the other side, France, which obtains over 70% of its electricity from nuclear stations, is fighting to label nuclear as sustainable under the taxonomy. As shown by the new letter, Paris has the backing of several Eastern states, which have already earmarked millions for nuclear projects. "While renewable energy sources play a key role for our energy transition, they cannot produce enough low-carbon electricity to meet our needs, at a sufficient and a constant level," the letter says, describing nuclear power as a "safe and innovative" sector with the potential of sustaining one million high-qualified jobs "in the near future".

A report (PDF) from the Commission's research unit released earlier this year indicates Brussels could eventually side with the pro-nuclear team. The paper says greenhouse gas emissions from nuclear plants are "comparable" to those released by hydropower and wind, an assessment shared by the International Energy Agency (IEA) and the United States Department of Energy. Critics, however, argue the resulting radioactive waste is harmful to human health and the environment. "Nuclear power is incredibly expensive, hazardous and slow to build," says Greenpeace. Detractors are concerned about potentially disastrous nuclear accidents, similar to those of Chernobyl in 1986 or Fukushima in 2011, which are still deeply rooted in the collective imagination.

A group of privacy-focused tech companies including DuckDuckGo, Vivaldi, and the company that makes Protonmail are calling for a broad ban on targeted, "surveillance-based" advertising. Motherboard reports: "Although we recognize that advertising is an important source of revenue for content creators and publishers online, this does not justify the massive commercial surveillance systems set up in attempts to 'show the right ad to the right people,'" the letter reads. The letter urges lawmakers in the United States and European Union to enact data protection laws that could protect consumers from the "privacy-hostile" practices that many companies turn to for their advertising. It explains that exploiting users' privacy for the sake of personalized ads is not necessary for companies to be profitable.

Many of the signatories, including Proton Technologies and DuckDuckGo, already prioritize data protection in their services. Mojeek, an independent search engine, posted in 2006 about its efforts to avoid using "big brother tactics" and collecting personal user data in order to make money. Many of these companies make money by advertising, but the advertising is "contextual" rather than targeted. For a search engine, this means that an advertiser can buy ads that show up when a user searches a specific term. This is different from targeted advertising, which in this example could potentially take into account a user's search history, their demographic and biographic info, their web browsing history, their geographic location, etc.

Google has removed an Android app from the Play Store that was used to collect personal information from Belarusians attending anti-government protests. ZDNet reports: The app, named NEXTA LIVE, was available for almost three weeks on the official Android Play Store, and was downloaded thousands of times and received hundreds of reviews. To get installs, NEXT LIVE claimed to be the official Android app for Nexta, an independent Belarusian news agency that gained popularity with anti-Lukashenko protesters after exposing abuses and police brutality during the country's recent anti-government demonstrations. However, the app contained code to to collect geolocation data, gather info on the device owner, and then upload the data to a remote Russian server at regular intervals. [...] While there is no official link between the fake Nexta app and the Minsk government, this would hardly be the first time that a government would try to spy on its citizens in the midst of anti-government protests, in attempts to identify protest-goers.

Facebook is "aiding and abetting the spread of climate misinformation," said Robert Brulle, an environmental sociologist at Drexel University. "They have become the vehicle for climate misinformation, and thus should be held partially responsible for a lack of action on climate change." From a report: Brulle was reacting to Facebook's recent decision, made at the request of climate science deniers, to create a giant loophole in its fact-checking program. Last year, Facebook partnered with an organization, Science Feedback, that would bring in teams of Ph.D. climate scientists to evaluate the accuracy of viral content. It was an important expansion of the company's third-party fact-checking program. But now Facebook has reportedly decided to allow its staffers to overrule the climate scientists and make any climate disinformation ineligible for fact-checking by deeming it "opinion."

The organization that requested the change, the CO2 Coalition, is celebrating, E&E news reported on Monday. The group, which has close ties to the fossil fuel industry, says its views on climate change are increasingly ignored by the mainstream media. Now it plans to use Facebook to aggressively push climate misinformation on the public -- without having to worry about fact checks from climate scientists. A column published in the Washington Examiner in August 2019 claimed that "climate models" were a "failure" that predicted exponentially more warming of the earth than has occurred. The piece, co-authored by notorious climate science denier Pat Michaels, was quickly shared more than 2,000 times on Facebook. There was just one issue: It wasn't true. This is exactly the kind of mess that Facebook's network of independent fact-checkers is supposed to solve.

SonicSpike shares a report from Reason: The Department of Justice has been dismissing child pornography cases in order to not reveal information about the software programs used as the basis for the charges. An array of cases suggest serious problems with the tech tools used by federal authorities. But the private entities who developed these tools won't submit them for independent inspection or hand over hardly any information about how they work, their error rates, or other critical information. As a result, potentially innocent people are being smeared as pedophiles and prosecuted as child porn collectors, while potentially guilty people are going free so these companies can protect "trade secrets." The situation suggests some of the many problems that can arise around public-private partnerships in catching criminals and the secretive digital surveillance software that it entails (software that's being employed for far more than catching child predators).

With the child pornography cases, "the defendants are hardly the most sympathetic," notes Tim Cushing at Techdirt. Yet that's all the more reason why the government's antics here are disturbing. Either the feds initially brought bad cases against people whom they just didn't think would fight back, or they're willing to let bad behavior go rather than face some public scrutiny. An extensive investigation by ProPublica "found more than a dozen cases since 2011 that were dismissed either because of challenges to the software's findings, or the refusal by the government or the maker to share the computer programs with defense attorneys, or both," writes Jack Gillum. Many more cases raised issues with the software as a defense. "Defense attorneys have long complained that the government's secrecy claims may hamstring suspects seeking to prove that the software wrongly identified them," notes Gillum. "But the growing success of their counterattack is also raising concerns that, by questioning the software used by investigators, some who trade in child pornography can avoid punishment."

For several hours on Wednesday Equifax's website was compromised again, this time to deliver fraudulent Adobe Flash updates, which when clicked, infected visitors' computers with adware that was detected by only three of 65 antivirus providers, reports Dan Goodin at Ars Technica. From the report: Randy Abrams, an independent security analyst by day, happened to visit the site Wednesday evening to contest what he said was false information he had just found on his credit report. Eventually, his browser opened up a page on the domain hxxp:centerbluray.info. He was understandably incredulous. The site that previously gave up personal data for virtually every US person with a credit history was once again under the control of attackers, this time trying to trick Equifax visitors into installing crapware Symantec calls Adware.Eorezo. Knowing a thing or two about drive-by campaigns, Abrams figured the chances were slim he'd see the download on follow-on visits. To fly under the radar, attackers frequently serve the downloads to only a select number of visitors, and then only once. Abrams tried anyway, and to his amazement, he encountered the bogus Flash download links on at least three subsequent visits. Update: Equifax said on Thursday it was taking one of its web pages offline as its security team looks into reports of another potential cyber breach.

An anonymous reader quotes a report from EFF: Journalists and political activists critical of Kazakhstan's authoritarian government, along with their family members, lawyers, and associates, have been targets of an online phishing and malware campaign believed to be carried out on behalf of the government of Kazakhstan, according to a new report by the Electronic Frontier Foundation (EFF). Malware was sent to Irina Petrushova and Alexander Petrushov, publishers of the independent newspaper Respublika, which was forced by the government of Kazakhstan to stop printing after years of exposing corruption but has continued to operate online. Also targeted are family members and attorneys of Mukhtar Ablyazov, co-founder and leader of opposition party Democratic Choice of Kazakhstan, as well as other prominent dissidents. The campaign -- which EFF has called "Operation Manul," after endangered wild cats found in the grasslands of Kazakhstan -- involved sending victims spearphishing emails that tried to trick them into opening documents which would covertly install surveillance software capable of recording keystrokes, recording through the webcam, and more. Some of the software used in the campaign is commercially available to anyone and sells for as little as $40 online.

An anonymous reader writes from a report via The Independent: According to a study carried out by corporate research firm MSCI, CEO's that get paid the most run some of the worst-performing companies. It found that every $100 invested in companies with the highest-paid CEOs would have grown to $265 over 10 years. However, the same amount invested in the companies with the lowest-paid CEOs would have grown to $367 over 10 years. The report, titled "Are CEOs paid for performance? Evaluating the Effectiveness of Equity Incentives," looked at the salaries of 800 CEOs at 429 large and medium-sized U.S. companies between 2005 and 2014 and compared it with the total shareholder return of the companies. Senior corporate governance research at MSCI, Ric Marshall, said in a statement: "The highest paid had the worse performance by a significant margin. It just argues for the equity portion of CEO pay to be more conservative."

Cory Doctorow, writes for BoingBoing: The Electronic Frontier Foundation has just filed a lawsuit that challenges the Constitutionality of Section 1201 of the DMCA, the "Digital Rights Management" provision of the law, a notoriously overbroad law that bans activities that bypass or weaken copyright access-control systems, including reconfiguring software-enabled devices (making sure your IoT light-socket will accept third-party lightbulbs; tapping into diagnostic info in your car or tractor to allow an independent party to repair it) and reporting security vulnerabilities in these devices. EFF is representing two clients in its lawsuit: Andrew "bunnie" Huang, a legendary hardware hacker whose NeTV product lets users put overlays on DRM-restricted digital video signals; and Matthew Green, a heavyweight security researcher at Johns Hopkins who has an NSF grant to investigate medical record systems and whose research plans encompass the security of industrial firewalls and finance-industry "black boxes" used to manage the cryptographic security of billions of financial transactions every day. Both clients reflect the deep constitutional flaws in the DMCA, and both have standing to sue the US government to challenge DMCA 1201 because of its serious criminal provisions (5 years in prison and a $500K fine for a first offense).Doctorow has explained aspects of this for The Guardian today. You should also check Huang's blog post on this.

mikejuk writes: In its recent earnings call, Yahoo revealed plans to cut its workforce by 15% -- around 1,600 employees by the end of the year. Yahoo Labs is another victim of the cuts as revealed in a Tumblr post by Yoelle Maarek who reports that both Yahoo's Chief Scientist, Ron Brachman, and VP of Research Ricardo Baeza-Yates, will be leaving the company and that going forward: "Our new approach is to integrate research teams directly into our product teams in order to produce innovation that will drive excellence in those product areas. We will also have an independent research team that will work autonomously or in partnership with product partners. The integrated and independent teams, as a whole, will be known as Yahoo Research." Maarek, formerly VP of Research now becomes leader of Yahoo Research. To anyone who has followed the story of research at Yahoo there will be a sense of deja vu. Back in 2012 Yahoo laid off many of its research team, many of whom found a new home with Microsoft. It was Marissa Meyer who in the following year recruited a substantial number of PhDs to Yahoo Labs which initiated some interesting projects.

Meyer clearly thought research would save Yahoo, but now it all seems a bit late and Yahoo can't save its research lab.

A few weeks ago you had a chance to ask Brian Krebs about security, cybercrime and what it's like to be the victim of Swatting. Below you will find his answers to your questions.

HughPickens.com writes: Mo Costandi reports at The Guardian that a new study shows losing one's sense of smell strongly predicts death within five years, suggesting that smell may serve as a bellwether for the overall state of the body, or as a marker for exposure to environmental toxins. "Olfactory dysfunction was an independent risk factor for death, stronger than several common causes of death, such as heart failure, lung disease and cancer," the researchers concluded, "indicating that this evolutionarily ancient special sense may signal a key mechanism that affects human longevity." In the study, researchers tested a group of volunteers for their ability to correctly identify various scents. Five years later, they retested as many of the volunteers as they could find.

During the five-year gap between the two tests, 430 of the original participants (or 12.5% of the total number) had died. Of these, 39% who had failed the first smell test died before the second test, compared to 19% of those who had moderate smell loss on the first test, and just 10% of those with a healthy sense of smell. Despite taking issues such as age, nutrition, smoking habits, poverty and overall health into account, researchers found those with the poorest sense of smell were still at greatest risk. The tip of the olfactory nerve, which contains the smell receptors, is the only part of the human nervous system that is continuously regenerated by stem cells. The production of new smell cells declines with age, and this is associated with a gradual reduction in our ability to detect and discriminate odors. Loss of smell may indicate that the body is entering a state of disrepair, and is no longer capable of repairing itself.

jones_supa (887896) writes "A new Northwestern Medicine study reports the timing, intensity and duration of your light exposure during the day is linked to your weight — the first time this has been shown. People who had most of their daily exposure to even moderately bright light in the morning had a significantly lower body mass index (BMI) than those who had most of their light exposure later in the day, the study found. It accounted for about 20 percent of a person's BMI and was independent of an individual's physical activity level, caloric intake, sleep timing, age or season. About 20 to 30 minutes of morning light is enough to affect BMI. The senior author Phyllis C. Zee rationalizes this by saying that light is the most potent agent to synchronize your internal body clock that regulates circadian rhythms, which in turn also regulate energy balance. The study was small and short. It included 54 participants (26 males, 28 females), an average age of 30. They wore a wrist actigraphy monitor that measured their light exposure and sleep parameters for seven days in normal-living conditions. Their caloric intake was determined from seven days of food logs. The study was published April 2 in the journal PLOS ONE. Giovanni Santostasi, a research fellow in neurology at Feinberg, is a co-lead author."