Category: Geek

Home Depot data theft affected 56 million credit/debit cards

The world’s largest DIY retailer has admitted that 56m credit and debit card numbers were compromised over a five-month period in one of the worst breaches of customer data ever recorded. Home Depot said on Thursday night that although the data theft began in April, the malware used by the hackers had only been completely removed from its systems this month.

The breach was revealed on 2 September by the security website Krebs on Security, which said that all 2,200 of Home Depot’s US stores could have been affected. The chain, which did not confirm the data breach until 8 September, said that security groups Symantec and FishNet Security were brought in to investigate the possible hacking as soon as it became known.

The criminals used “unique, custom-built malware” that had not been seen in similar attacks, which helped them to avoid detection for so long, Home Depot said. It had completed a major payment security upgrade to ensure better encryption of customers’ card numbers.

US retailers have been slower to adopt the chip-and-Pin technology found in Britain and most European countries as many American credit cards still lacked the appropriate chips. The US payments industry has set a deadline of October 2015 to switch to chip and Pin.

Who deserves the core blame here? Probably the Big Banks. The fast buck is always sweetest – while ignoring long-range dangers. And that should read “American Big Banks”.

When chip and Pin came out over a decade ago, Euro banks, banks around the world realized the importance of increased security. Not worrying specifically about hackers, they still realized the cost of prevention was a helluva lot less than the cost of theft. American banks? They worried about next month’s bottom line. So they didn’t consider the investment in each new card of about $5 [at the time] to be worthwhile.

Now – it’s $10 per card and retailers like Home Depot are spending tens of million$ just to begin to recover from this data theft.

Sorry, NSA – we’re not able to decrypt user info – Apple

Among the privacy policies outlined by Apple in a new privacy policy webpage on Wednesday is an iOS 8 feature that makes it technically impossible for the company to decrypt a device to harvest user data, even if law enforcement agencies request it…

In a document (PDF link) meant to guide law enforcement officers in requesting user information, Apple notes that it no longer stores encryption keys for devices with iOS 8, meaning agencies are unable to gain access even with a valid search warrant. This includes data stored on a physical device protected by a passcode, including photos, call history, contacts and more.

“Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data,” Apple said on its new webpage dedicated to privacy policies. “So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

The safeguards do not apply to other services including iCloud, however, meaning any data stored offsite is fair game for government seizure. Still, the security implementation will likely be seen as a step in the right direction, especially given the current political climate following revelations of governmental “snooping” activities.

Overdue. As Edward Snowden suggested, encryption is still one of the best ways to frustrate government snooping. A standard that other tech companies might emulate even if it gets in the way of their monetization of your data.

Transforming cancer cells into healthy cells

For almost thirty years, William Kuhens worked on Staten Island as a basketball referee for the Catholic Youth Organization and other amateur leagues. At seventy, he was physically fit, taking part in twenty games a month. But in July of 2013 he began to lose weight and feel exhausted; his wife told him he looked pale. He saw his doctor, and tests revealed that his blood contained below-normal numbers of platelets and red and white blood cells; these are critical for, respectively, preventing bleeding, supplying oxygen, and combatting infection.

Kuhens was sent to the Memorial Sloan Kettering Cancer Center, in Manhattan, to meet with Eytan Stein, an expert in blood disorders. Stein found that as much as fifteen per cent of Kuhens’s bone marrow was made up of primitive, cancerous blood cells. “Mr. Kuhens was on the cusp of leukemia,” Stein told me recently. “It seemed that his disease was rapidly advancing…”

The only options were experimental. Stein had sent a sample of Kuhens’s bone marrow to be analyzed for the presence of thirty or so gene mutations that are known to be associated with blood cancers. The tests revealed one notable mutation, in a gene that produces an enzyme called IDH-2. Normally, the enzyme helps to break down nutrients and generate energy for cells. When mutated, it creates a molecule that alters the cells’ genetic programming. Instead of maturing, the cells remain primitive, proliferate wildly, and wreak havoc…

This past spring, Kuhens entered the AG-221 drug trial and received his first dose. Within weeks, the leukemic-cell count in his bone marrow had fallen from fifteen per cent to four per cent, and his counts of healthy blood cells improved markedly; he has been in complete remission for four months. The most noticeable side effect has been a metallic taste in his mouth. “For some reason, I can’t stand mayonnaise,” Kuhens told me recently. He just celebrated his fiftieth wedding anniversary. “I want to be around for a while,” he said, “and I don’t know how long this drug will last…”

The Agios drug, instead of killing the leukemic cells—immature blood cells gone haywire—coaxes them into maturing into functioning blood cells. Cancerous cells traditionally have been viewed as a lost cause, fit only for destruction. The emerging research on A.M.L. suggests that at least some cancer cells might be redeemable: they still carry their original programming and can be pressed back onto a pathway to health.

Most cancers, once they spread, are incurable. Cancer researchers are desperate to raise the number of patients who go into remission, to prolong those remissions, and to ultimately prevent relapse. So when a new way of attacking cancer comes along, it is often greeted with incautious euphoria and an assumption that the new paradigm can be quickly converted into a cure for all cancers…

Cancer does not have one fatal flaw. It advances along many paths, sometimes incrementally, often unpredictably, like the science arrayed against it. Nonetheless, these latest findings offer an unanticipated opportunity for scientists to reëxamine what many of us took for granted: that cancer cells must be destroyed if the patient is to improve. These discoveries could enable researchers to target cancers that were previously beyond treatment. For patients, they offer evidence that it is possible to live longer, and better, with cancer—and they provide hope that scientists are advancing on a cure.

The big CA scares all of us. Shuffling off this mortal coil is nothing any sentient rational human being looks forward to. Adding all the negatives of death by cancer increases anxiety and fear by an order of magnitude.

RTFA for an analysis of the treatment and research involved in this particular approach. Someday, it may help you through a difficult time.

Thanks, Mike

The coffee genome has been mapped — woo-hoo!

Scientists have now mapped the genome of the Coffea canephora plant species, better known as the Robusta, which constitutes around a third of coffee sold worldwide. The results were published in the journal Science.

Robusta only grows in the Eastern Hemisphere, and it is the parent plant of the Arabica bean. Robusta coffee is known for its use in instant coffees and supermarket coffees, while the more complex Arabica species is known for its use in more specialty coffees.

The mapping of the Robusta species helped the scientists learn how caffeine forms in the plant and how different genetics produce different flavors and caffeine strengths of beans. The study found that plants used for tea and coffee plants produce caffeine through a different biological process.

With the new information, coffee cultivators can identify different ways to breed coffee plants to produce desired results, like disease resistance or plants that can grow in environments they’re not accustomed to growing in.

More coffee, more coffee, more coffee.

This should be one of those accomplishments uniting the Vegetarian Left and Science-Technoids. Unless you’re limiting yourself to Postum. :)

Haboob swallows Phoenix, Arizona

The city of Phoenix, Arizona, was hit by a massive dust storm on Saturday evening…

The haboob left thousands of homes without power and grounded numerous flights at the city’s international airport.

Reports indicated this critter had about a 3000-foot top.

Now, folks over in Arizona will get to listen to Tea Party-types whine for a couple of weeks about this sort of dust storm being called a haboob. Even weather reports are judged on whether they’re white enough.

Genetically-engineered E. coli poops out propane

Propane is an appealing fuel, easily stored and already used worldwide, but it’s extracted from the finite supply of fossil fuels – or is it? Researchers at Imperial College London and the University of Turku have engineered E. coli bacteria that create engine-ready propane out of fatty acids, and in the future, maybe even sunlight…

With the premise of producing a fuel that’s more sustainable in a biological host and easier to bring to market, the research team engineered a pathway in E. coli that interrupts the conversion of fatty acids into cell membranes and instead couples naturally unlinked enzymatic processes to manufacture propane…

“Although this research is at a very early stage, our proof of concept study provides a method for renewable production of a fuel that previously was only accessible from fossil reserves,” said Dr Patrik Jones, from the Department of Life Sciences at Imperial College London. “Although we have only produced tiny amounts so far, the fuel we have produced is ready to be used in an engine straight away. This opens up possibilities for future sustainable production of renewable fuels that at first could complement, and thereafter replace fossil fuels like diesel, petrol, natural gas and jet fuel.”

Manufacturing useable quantities of propane is the goal for future experiments, along with recreating the process in photosynthetic organisms, so that propane could truly be manufactured with the power of sunlight.

Genetic manipulation continues to forge ahead in the realm of molecular biologists. While I share the humor of fellow sci-fi fans, I doubt the fear of synthetic overlords is justifiable – given the requisite conservatism of the craft.

Though, poisonally, I ain’t holding my breath until this process is productive enough to be commercially viable.

NASA’s “swarmies” robots designed to explore alien worlds


What could possibly go wrong?

A collection of autonomous robots designed to scuttle around on distant planets looking for resources and materials in much the same way that members of insect colonies do on Earth are currently being tested by NASA engineers. The robots, dubbed “swarmies,” are designed to individually survey an area, signal the others when they have found something of value, and then divide up the task of collecting the material and returning it back to base.

Currently, four of these robots have been built, each of which is fitted with a webcam, a Wi-Fi system to communicate with each other, and a GPS unit. Whilst the test terrain is a little less alien than they one day may encounter – the swarmies are being deployed in an empty car park at Kennedy Space Center in Florida – the tests are meant only to prove that the software is functioning as it should and that the robots are operating as expected.

In the tests the robots are searching for barcoded pieces of paper. However, in the future similar robots deployed on an asteroid, the moon or Mars could continuously scan the surface for water, fuel resources or other commodities vital to an away mission…

“Assuming this pays off, we know somebody’s going to take this and extend it and go beyond the four or five rovers we have here,” said Kurt Leucht, a Kennedy Space Center engineer working on the project. “So as we design this and work it through, we’re mindful about things like minimizing bandwidth. I’m sure there will be a team whether it’s us or somebody else who will take this and advance it and scale it up.”

A proper hive mentality, hive consciousness with complex interrelationships and specialization is an obvious avenue.

Of course, anyone who fears – or is comfortable with – the Borg will have interesting dreams. I’m not worried about any variety developed by government agencies. Redundancy will always be designed to guarantee the safety of the slow.

Now, when surplus gear becomes available on the cheap in some 22nd Century flea market – that’s a different story.

Thanks, Mike

Realistic count of homicides by police = about 1100 per year

…The U.S. government doesn’t track how many people are killed by the police. The FBI tracks “justifiable” police homicides, which it reports to be about 400 per year, but that tally is an undercount.

Given this vacuum, attention has recently turned to some excellent nongovernmental attempts to compile this data, including the Fatal Encounters database, the recently created Gun Violence Archive and a new database created by Deadspin.

But one recent effort stood out for its apparent comprehensiveness: The Killed By Police Facebook page, which aggregates links to news articles on police-related killings and keeps a running tally on the number of victims. The creator of the page does not seek to determine whether police killings are justifiable; each post “merely documents the occurrence of a death.” He told FiveThirtyEight that he was an instructor on nonviolent physical-intervention techniques and that he prefers to remain anonymous.

Killed by Police had listed more than 1,450 deaths caused by law-enforcement officers since its launch, on May 1, 2013, through Sunday. That works out to about three per day, or 1,100 a year.

The page doesn’t claim that this is a comprehensive count, but it could be useful — like the count from the FBI’s annual Supplementary Homicide Report is useful — for setting a baseline number of police killings, as long as important caveats are acknowledged. For one, any database drawn from news sites relies on the assumption that the reports are accurate…

RTFA for an interesting examination of how the folks at fivethirtyeight.com went about their statistical task. They’re one of the most reliable, self-checking survey sources in the nation along with the Pew Foundation.

US Navy will test Fortis exoskeletons

The National Center for Manufacturing Sciences (NCMS) has ordered a pair of Fortis exoskeletons from Lockheed Martin for testing and evaluation. The unpowered exoskeletons won’t give sailors superhuman strength, but they will allow them to handle heavy equipment for longer periods with less fatigue…

“Ship maintenance often requires use of heavy tools, such as grinders, riveters or sandblasters,” says Adam Miller, director of new initiatives at Lockheed Martin Missiles and Fire Control. “Those tools take a toll on operators due to the tools’ weight and the tight areas where they are sometimes used. By wearing the Fortis exoskeleton, operators can hold the weight of those heavy tools for extended periods of time with reduced fatigue…”

Unlike powered exoskeletons, Fortis works like a frame that increases the wearer’s strength and endurance by channeling the weight of heavy objects away from the wearer’s body and down through the exoskeleton to the ground. This allows operators to carry objects weighing up to 36 lb (16.3 kg) as if they were weightless. Lockheed says that Fortis with its Equipois ZeroG arm can reduce fatigue by 300 percent and improve productivity by 200 to 2,700 percent.

But if it sounds like something rigid, Lockheed says that Fortis is more like the steadicam rig used by filmmakers. It can be used in standing and kneeling positions, is adjustable to different heights and body types, and the joints and ergonomic design do not hinder movement or flexibility.

I’m still trying to catch up to the steadicam. I watch the camera operators trundling up and down the sidelines at Premier League football matches in awe.

US government wants to mandate motor vehicle connectivity

The federal government is inching closer to mandating cars have the ability to communicate with each other, in a move regulators say could reduce crashes while still protecting motorists’ personal information.

Called vehicle-to-vehicle communication (V2V), the technology would use radio frequencies to communicate potential dangers to drivers, and the Transportation Department has begun the rule-making process of possibly making it required equipment in cars, though it could take years for a new law to take effect…

“By warning drivers of imminent danger, V2V technology has the potential to dramatically improve highway safety,” said NHTSA Deputy Administrator David Friedman in a statement.

NHTSA also said vehicle communication could be used to assist in blind-spot detection, forward-collision alarms and warnings not to pass, though many of these technologies are available in today’s cars using other technologies, like radar.

Mindful of recent “hacking” incidents involving major retailers, websites and identity theft, NHTSA said the data transmitted would only be used for safety purposes, and notes the systems being considered would contain “several layers” of security and privacy protection.

On one hand, I’ve been following this development from car manufacturers who wish to use tech like this for accident prevention. Mercedes is a leader on this side of the research.

On the other, is there anyone left in America who trusts the government enough to buy into this technology? Even if security from hackers might be guaranteed, does anyone think the Feds would pass up backdoor access to keep an eye on us?