Apple Removes All References To Controversial CSAM Scanning Feature From Its Child Safety Webpage

Apple has quietly nixed all mentions of CSAM from its Child Safety webpage, suggesting its controversial plan to detect child sexual abuse images on iPhones and iPads may hang in the balance following significant criticism of its methods. From a report: Apple in August announced a planned suite of new child safety features, including scanning users’ iCloud Photos libraries for Child Sexual Abuse Material (CSAM), Communication Safety to warn children and their parents when receiving or sending sexually explicit photos, and expanded CSAM guidance in Siri and Search. Following their announcement, the features were criticized by a wide range of individuals and organizations, including security researchers, the privacy whistleblower Edward Snowden, the Electronic Frontier Foundation (EFF), Facebook’s former security chief, politicians, policy groups, university researchers, and even some Apple employees.

Read more of this story at Slashdot.

USPS Built and Secretly Tested a Blockchain-Based Mobile Voting System Before 2020

An anonymous reader quotes a report from The Washington Post: The U.S. Postal Service pursued a project to build and secretly test a blockchain-based mobile phone voting system before the 2020 election (Warning: may be paywalled; alternative source), experimenting with a technology that the government’s own cybersecurity agency says can’t be trusted to securely handle ballots. The system was never deployed in a live election and was abandoned in 2019, Postal Service spokesman David Partenheimer said. That was after cybersecurity researchers at the University of Colorado at Colorado Springs conducted a test of the system during a mock election and found numerous ways that it was vulnerable to hacking.

The project appears to have been conducted without the involvement of federal agencies more closely focused on elections, which were then scrambling to make voting more secure in the wake of Russian interference in the 2016 contest. Those efforts focused primarily on using paper ballot so the voter could verify their vote was recorded accurately and there would be a paper trail for auditors — something missing from any mobile phone or Internet-based system. The project appears to have been conducted without the involvement of federal agencies more closely focused on elections, which were then scrambling to make voting more secure in the wake of Russian interference in the 2016 contest. Those efforts focused primarily on using paper ballot so the voter could verify their vote was recorded accurately and there would be a paper trail for auditors — something missing from any mobile phone or Internet-based system.

The Postal Service system allowed people to cast votes on an Internet-connected mobile app similar to how they might add items to an online shopping cart or fill out an online survey. The votes were designed to be anonymous and to be recorded in multiple digital locations simultaneously. The idea is that each of those digital records would act as a check to verify the accuracy of the other records. This is essentially the same method that cryptocurrencies such as bitcoin use to ensure transactions are accurately recorded. But the system didn’t protect against the numerous ways hackers might fake or corrupt votes, the University of Colorado researchers said. Those include impersonating voters, attacking the blockchain system itself so votes can’t be trusted, flooding the system with information so it becomes too overwhelmed to function, and using techniques that undermine voters’ privacy and the secrecy of the ballot. The researchers were able to successfully perform all those hacks during a mock election held on campus. “The Postal Service was awarded a public patent for the concept in August 2020, but had not previously revealed that it built a prototype system or tested it,” the report notes.

Read more of this story at Slashdot.

Two US Senators Urge Federal Investigations Into Facebook About Safety – and Ad Reach

Two leading U.S. Senators “are urging federal regulators to investigate Facebook over allegations the company misled advertisers, investors and the public about public safety and ad reach on its platform,” reports CNBC:

On Thursday, Senator Warren urged the heads of the Department of Justice and Securities and Exchange Commission to open criminal and civil investigations into Facebook or its executives to determine if they violated U.S. wire fraud and securities laws. A day earlier, Senator Cantwell, chair of the Senate Commerce Committee, encouraged the Federal Trade Commission to investigate whether Facebook, now called Meta, violated the agency’s law against unfair or deceptive business practices. Cantwell’s letter was made public on Thursday…

In her letter to the FTC, Cantwell focused on Facebook’s claims about the safety of its products, in addition to the allegedly inflated ad projections… She suggested the agency investigate Facebook and, depending what the evidence shows, pursue monetary relief for advertisers and disgorgement of allegedly ill-gotten gains.
Senator Warren points to a whistleblower’s recent allegations that Facebook misled both investors and advertising customers about their ad reach, according to the article. But Warren’s letter also argued the possibility Facebook violated securities law with “breathtakingly illegal conduct by one of the world’s largest social media companies,” according to the article.

And in addition, Warren “wrote that evidence increasingly suggests executives were aware the metric ‘was meaningfully and consistently inflated.'”

Bloomberg adds this quote from Senator Cantwell’s letter:
“A thorough investigation by the Commission and other enforcement agencies is paramount, not only because Facebook and its executives may have violated federal law, but because members of the public and businesses are entitled to know the facts regarding Facebook’s conduct as they make their decisions about using the platform.”

Read more of this story at Slashdot.

‘When a Newspaper Publishes an Unsolvable Puzzle’

Slashdot reader DevNull127 writes: It’s a newspaper puzzle that’s like Sudoku, except it’s impossible. [Sort of…] They call it “The Challenger” puzzle — but when the newspaper leaves out a crucial instruction, you can end up searching forever for a unique solution which doesn’t exist!

“If you’re thinking ‘This could be a 9 or an 8….’ — you’re right!” complains Lou Cabron. “Everyone’s a winner today! Just start scribbling in numbers! And you’d be a fool to try to keep narrowing them down by, say, using your math and logic skills. A fool like me…” (Albeit a fool who once solved a Sudoku puzzle entirely in his head.) But two hours of frustration later — and one night of bad dreams — he’s stumbled onto the web page of Dr. Robert J. Lopez, an emeritus math professor in Indiana, who’s calculated that in fact Challenger puzzles can have up to 190 solutions… and there’s more than one solution for more than 97% of them!

At the end of the day, it becomes an appreciation for the local newspaper, and the puzzles they run next to the funnies. But with a friendly reminder “that they ought to honor and respect that love — by always providing the complete instructions.”

Apple Launches AirTags and Find My Detector App For Android, In Effort To Boost Privacy

Apple has released a new Android app called Tracker Detect, designed to help people who don’t own iPhones or iPads to identify unexpected AirTags and other Find My network-equipped sensors that may be nearby. CNET reports: The new app, which Apple released on the Google Play store Monday, is intended to help people look for item trackers compatible with Apple’s Find My network. “If you think someone is using AirTag or another device to track your location,” the app says, “you can scan to try to find it.” If the Tracker Detector app finds an unexpected AirTag that’s away from its owner, for example, it will be marked in the app as “Unknown AirTag.” The Android app can then play a sound within 10 minutes of identifying the tracker. It may take up to 15 minutes after a tracker is separated from its owner before it shows up in the app, Apple said.

If the tracker identified is an AirTag, Apple will offer instructions within the app to remove its battery. Apple also warns within the app that if the person feels their safety is at risk because of the item tracker, they should contact law enforcement. […] The Tracker Detect app, which Apple first discussed in June, requires users to actively scan for a device before it’ll be identified. Apple doesn’t require users have an Apple account in order to use the detecting app. If the AirTag is in “lost mode,” anyone with an NFC-capable device can tap it and receive instructions for how to return it to its owner. Apple said all communication is encrypted so that no one, including Apple, knows the location or identity of people or their devices.

Read more of this story at Slashdot.

Cable News Talent Wars Are Shifting To Streaming Platforms

The vacancies at cable news companies are piling up as networks and journalists begin to eye streaming alternatives. Axios reports: Why it matters: Primetime cable slots and the Sunday shows are no longer the most opportunistic placements for major TV talent.

Driving the news: Long-time “Fox News Sunday” host Chris Wallace is leaving the network after nearly two decades, he announced Sunday. He will be joining CNN as an anchor for its new streaming service, CNN+. Wallace will anchor a new weekday show and will contribute to the network’s daily live programming, per CNN. It was his decision not to renew his contract with the network, which expired this year, CNN’s Brian Stelter reported.

The big picture: Wallace marks the latest in a string of cable news host departures and shakeups in the past few weeks and months. There are now several holes cable bosses will need to fill in coming weeks. […] Major networks are investing heavily to lure talent to streaming alternatives in light of the decline of linear television. CNN hired NBC News veteran Kasie Hunt as an anchor and analyst for CNN+, reportedly for a salary of over $1 million. It’s hiring hundreds of new roles for the streaming service, set to launch next quarter. NBC News has already hired the majority of the 200+ new jobs it announced over the summer for its new streaming service and digital team, a top executive confirmed to Axios last month. One of its linear TV anchors, Joshua Johnson, moved full-time to host a primetime streaming show for NBC News Now. Fox News launched a new weather-focused streaming service in October. A Fox executive said last week the company is prepared to migrate Fox News to a streaming platform when the time is right. CBS News changed the name of its streaming service recently from CBSN to “CBS News” to represent a new streamlined vision for streaming. “TV networks won’t stop seriously investing in linear news programs until sports move out of the cable bundle, and that won’t be for another few years,” adds Axios.

Read more of this story at Slashdot.

South Korea To Test AI-Powered Facial Recognition To Track COVID-19 Cases

South Korea will soon roll out a pilot project to use artificial intelligence, facial recognition and thousands of CCTV cameras to track the movement of people infected with the coronavirus, despite concerns about the invasion of privacy. Reuters reports: The nationally funded project in Bucheon, one of the country’s most densely populated cities on the outskirts of Seoul, is due to become operational in January, a city official told Reuters. The system uses an AI algorithms and facial recognition technology to analyze footage gathered by more than 10,820 CCTV cameras and track an infected person’s movements, anyone they had close contact with, and whether they were wearing a mask, according to a 110-page business plan from the city submitted to the Ministry of Science and ICT (Information and Communications Technology), and provided to Reuters by a parliamentary lawmaker critical of the project.

The Bucheon official said the system should reduce the strain on overworked tracing teams in a city with a population of more than 800,000 people, and help use the teams more efficiently and accurately. […] The Ministry of Science and ICT said it has no current plans to expand the project to the national level. It said the purpose of the system was to digitize some of the manual labour that contact tracers currently have to carry out. The Bucheon system can simultaneously track up to ten people in five to ten minutes, cutting the time spent on manual work that takes around half an hour to one hour to trace one person, the plan said.

Read more of this story at Slashdot.

An Experimental Target-Recognition AI Mistakenly Thought It Was Succeeding 90% of the Time

The American military news site Defense One shares a cautionary tale from top U.S. Air Force Major General Daniel Simpson (assistant deputy chief of staff for intelligence, surveillance, and reconnaissance). Simpson describes their experience with an experimental AI-based target recognition program that had seemed to be performing well:

Initially, the AI was fed data from a sensor that looked for a single surface-to-surface missile at an oblique angle, Simpson said. Then it was fed data from another sensor that looked for multiple missiles at a near-vertical angle. “What a surprise: the algorithm did not perform well. It actually was accurate maybe about 25 percent of the time,” he said.

That’s an example of what’s sometimes called brittle AI, which “occurs when any algorithm cannot generalize or adapt to conditions outside a narrow set of assumptions,” according to a 2020 report by researcher and former Navy aviator Missy Cummings. When the data used to train the algorithm consists of too much of one type of image or sensor data from a unique vantage point, and not enough from other vantages, distances, or conditions, you get brittleness, Cummings said. In settings like driverless-car experiments, researchers will just collect more data for training. But that can be very difficult in military settings where there might be a whole lot of data of one type — say overhead satellite or drone imagery — but very little of any other type because it wasn’t useful on the battlefield…

Simpson said the low accuracy rate of the algorithm wasn’t the most worrying part of the exercise. While the algorithm was only right 25 percent of the time, he said, “It was confident that it was right 90 percent of the time, so it was confidently wrong. And that’s not the algorithm’s fault. It’s because we fed it the wrong training data.”

Read more of this story at Slashdot.

Some Fans React Negatively to Disney’s Promos for Star Wars-Themed Hotel

SFGate pan’s Disney’s efforts at “hyping up its mega-expensive, hyper-immersive Star Wars hotel in Walt Disney World” — the Galactic Starcruiser — as its March 1st opening approaches:

Guests must book two nights — which will set you back nearly $5,000 for two people or $6,000 for a family of four — and will spend most of their time inside the spaceship resort, much like a cruise. There’s an “excursion” into the Galaxy’s Edge part of Disney World, while the remainder of the stay includes interactions with characters, lightsaber training (more on that later) and exclusive restaurants…

The look and feel of the hotel has been criticized as looking plastic and cheap, and reception to one sneak peek video was so bad, it has since disappeared from Disney’s YouTube channel.

The video showed actor Sean Giambrone of “The Goldbergs” being given a tour of some of the ship’s features, which look pretty bare and antiseptic for the Star Wars universe, and listening to a strange musical performance. (Another user uploaded the deleted video here.) The promo prompted one Twitter user to comment, “Bro this isn’t Star Wars, this is ‘Space Conflicts.'” Fans responded similarly to a demo of Disney Parks Chairman Josh D’Amaro testing out the vaunted lightsaber training. Instead of a flashy, super realistic adventure, the training consisted of a standard light-up lightsaber and some lasers…

Reservations booked up quickly when the hotel was announced but now, as the 90-day deadline to cancel approaches, people appear to be ducking out of their expensive commitments; a number of openings have begun popping up in March, April and June.

Read more of this story at Slashdot.

Google Finally Killed Its Internet Explorer Plugin, ‘Google Toolbar’

Ars Technica’s reviews editor remembers how Google Toolbar launched back when Internet Explorer “had a rock-solid monopoly” on December 11, 2000, and marked Google’s first foray into browser ownership. “Rather than idly sit by and live under Internet Explorer’s rule, Google’s plan was to hijack Microsoft’s browser with various plugins.”

Once upon a time, Toolbar.google.com offered to guide any wayward Internet Explorer users across the web with the power of Google…. It also patched up long-neglected Internet Explorer with new features, like highlighted search terms in pages, pop-up blocking, spell check, autofill, and Google Translate. Phase 2 of the hijack plan was Google Gears, which augmented IE with new APIs for web developers. Eventually, Google stopped fixing other companies’ browsers and launched Google Chrome in 2008, which would make all of this obsolete.

But it ended as Google finally pulled the plug this week on “a dusty, forgotten server” that had spent nearly 21 years blurting out “Take the best of Google everywhere on the web!”

Now, it redirects to a support page saying “Google Toolbar is no longer available for installation. Instead, you can download and install Google Chrome.” The good news is that we wrote most of this post at the end of November, so this might be the Internet’s very last hands-on of the now-dead product….

To say the app had been neglected is an understatement. The about page read, “Copyright 2014 Google,” though Google definitely stopped performing maintenance on Toolbar before that. You could still do a Google Search, and you could still sign into Google Toolbar, but so much there was broken or a time capsule from a bygone era….

The “share” settings were a bloodbath, listing options for Google Reader (killed July 2013), Orkut (killed September 2014), Google+ (killed April 2019), and Google Bookmarks (killed September 2021). There were also search shortcuts for Google Blog Search (killed May 2011) and Picasa Web Albums (dead May 2016)….

The spell-check servers didn’t work anymore, and I couldn’t translate anything. The baked-in-by-default connections to Google+ and Google Bookmarks would also let you know that those products have been shut down. Even some of the “working” integrations, like Gmail, didn’t really work because Gmail no longer supports Internet Explorer….

One feature that really blew my mind was a button that said, “Turn off features that send information.” Google Toolbar apparently had a one-click privacy kill switch back in the day.

Read more of this story at Slashdot.