Amazon blocks domain fronting, threatens to shut down Signal’s account

https://ift.tt/2rg5CL7

Moxie Marlinspike, founder of Signal.

Last week, Amazon announced a change to an Amazon Web Service designed specifically to end the use of domain fronting—the exploitation of a content delivery network’s architecture to conceal the actual destination of encrypted Internet traffic. At the same time, Amazon issued a warning to the developers of the Signal encrypted phone and messaging application that their Amazon CloudFront account Signal uses CloudFront to handle load balancing of its servers, none of which has a permanent IP address.

Signal had moved to Amazon after Google made changes to its network that broke a domain-fronting scheme that had helped users in a number of countries evade network address blocking. As Ars has described previously, domain fronting uses an idiosyncrasy of how some content delivery networks (CDNs) used by major Internet services work. Fronting does so to conceal Transport Layer Security-encrypted traffic for one site within what appears to be a request for another domain within the same CDN. As Signal founder Moxie Marlinspike wrote in a blog post announcing Amazon’s move, “Google and Amazon built their [Transport Layer Security] termination layer separately from their request processing layer, such that it was possible to create what looked like a TLS connection for domain A with a request that would actually be received and processed by domain B.”
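The mismatch Marlinspike describes, shown as an added example that is not from the article, Signal or Amazon: a check that a TLS-terminating edge could run to compare the name in the TLS handshake (SNI) with the HTTP Host header. The tenant names, ownership map and request records are constructed for illustration.

```python
"""Flag requests whose TLS SNI name and HTTP Host header belong to different tenants.

Added illustration only: tenant names, domains and records are constructed.
"""
from dataclasses import dataclass
from typing import Optional

# Constructed ownership map: hostname pattern -> tenant that registered it.
# A leading "*." matches exactly one extra label, like a wildcard certificate.
DOMAIN_OWNERS = {
    "shop.example": "tenant-retail",
    "*.shop.example": "tenant-retail",
    "chat.example": "tenant-messenger",
}


@dataclass
class Request:
    sni: Optional[str]  # server_name from the ClientHello, visible on the wire
    host: str           # Host header, visible only after TLS termination


def normalize(name: str) -> str:
    """Lowercase, drop a :port suffix and a trailing dot (hostnames only)."""
    host = name.strip().lower()
    if ":" in host and not host.startswith("["):
        host = host.rsplit(":", 1)[0]
    return host.rstrip(".")


def owner_of(name: str, owners=DOMAIN_OWNERS) -> Optional[str]:
    """Return the tenant owning a hostname, honouring one-label wildcards."""
    name = normalize(name)
    if name in owners:
        return owners[name]
    parts = name.split(".", 1)
    if len(parts) == 2:
        return owners.get("*." + parts[1])
    return None


def classify(req: Request) -> str:
    """Compare the two layers the article says were processed separately."""
    if not req.sni:
        return "no-sni"            # nothing to compare against
    sni, host = normalize(req.sni), normalize(req.host)
    if sni == host:
        return "match"
    sni_owner, host_owner = owner_of(sni), owner_of(host)
    if sni_owner is not None and sni_owner == host_owner:
        return "same-tenant"       # different names, one owner: legitimate
    return "fronting-suspect"      # TLS says domain A, request targets domain B


def audit(records):
    """Return (request, verdict) pairs for every record that is not clean."""
    clean = {"match", "same-tenant"}
    return [(r, v) for r in records if (v := classify(r)) not in clean]


# Constructed sample records, as an edge might log them after termination.
SAMPLE = [
    Request("shop.example", "shop.example"),
    Request("Shop.Example.", "cdn.shop.example:443"),
    Request("shop.example", "chat.example"),
    Request("shop.example", "unregistered.example"),
    Request(None, "chat.example"),
]

if __name__ == "__main__":
    for req, verdict in audit(SAMPLE):
        print(f"{verdict:17} sni={req.sni} host={req.host}")
```

An on-path observer sees only the SNI value, so this comparison is possible only where TLS is terminated, which is why the decision to allow or block fronting rests with the CDN operator.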

Until earlier this year, the Signal Foundation used Google App Engine to run proxies for several Middle Eastern countries that censor direct access to Signal—Egypt, Oman, Qatar, and the United Arab Emirates. Signal was using domain fronting for all of those countries but Iran, starting in 2016—hiding traffic by making it look like it was directed to google.com. Iran blocks the Google search engine, so Signal could not use domain fronting through Google to connect users there; Google also blocks App Engine traffic from Iran due to the company’s interpretation of US sanctions against Iran.

Google made changes to its content-management network last month (which the company claimed were long-planned upgrades) that put Google.com in a different CDN segment than App Engine servers. That broke Signal’s domain-fronting scheme, so the Signal team moved to Amazon with plans to conceal traffic by using Amazon’s Souq.com—an e-commerce site serving the United Arab Emirates—as a front for Signal traffic. But Amazon caught wind of the plans and sent Marlinspike an email threatening to shut down Signal’s CloudFront account, published by Marlinspike:

Subject: Notification of potential account suspension regarding AWS Service Terms

Moxie,

Yesterday, AWS became aware of your Github and Hacker News/ycombinator posts describing how Signal plans to make its traffic look like traffic from another site, (popularly known as “domain fronting”) by using a domain owned by Amazon —Souq.com. You do not have permission from Amazon to use Souq.com for any purpose. Any use of Souq.com or any other domain to masquerade as another entity without express permission of the domain owner is in clear violation of the AWS Service Terms (Amazon CloudFront, Sec. 2.1: “You must own or have all necessary rights to use any domain name or SSL certificate that you use in conjunction with Amazon CloudFront”). It is also a violation of our Acceptable Use Policy by falsifying the origin of traffic and the unauthorized use of a domain.

We are happy for you to use AWS Services, but you must comply with our Service Terms. We will immediately suspend your use of CloudFront if you use third-party domains without their permission to masquerade as that third party.

Ars requested a comment from Amazon, but we have not yet received a response. Meanwhile, Amazon and Google have had to contend with widespread blocking of their services in efforts to stop the use of domain-fronting proxies and other cloud-proxy services, especially in Russia—where Roskomnadzor, Russia’s federal communications authority, has ordered the blocking of the encrypted chat applications Zello and Telegram and, in the process, blocked portions of Amazon’s and Google’s networks.

Amazon’s decision does not change the situation for would-be users of Signal in Iran. Amazon blocks access from Iran to 90 percent of its services, offering only one AWS-based service there, due to Amazon’s interpretation of current US sanctions against Iran.

Tech

via Ars Technica https://arstechnica.com

May 2, 2018 at 01:59PM

Facebook used billions of hashtagged Instagram photos to train its AI

https://ift.tt/2FEKJ0A

Consider Instagram hashtags. When someone uploads a photograph to the Facebook-owned platform, they can add a hashtag. That could be something like #love, #fashion, or #photooftheday—those were the top three hashtags of last year. While those tags illustrate abstract concepts, there are plenty of more concrete descriptors out there, like #brownbear, which, unsurprisingly, is full of ursine pics.

But while hashtags are a good way for someone to see millions of #travel photos in one place, Facebook used those labeled photographs to do something else: train their image-recognition software, which is a kind of artificial intelligence called computer vision in which you teach a computer to recognize what’s in an image.

In fact, they used some 3.5 billion Instagram photos (from public accounts) and 17,000 hashtags to train a computer vision system that they say is the best one that they have created yet.

Facebook’s CTO, Mike Schroepfer, announced the research today at the company’s developer conference, F8, calling the results “state of the art.”

Bad supervision

To understand why this is an interesting approach, it helps to know the difference between “fully supervised” and “weakly supervised” training for artificial intelligence systems. Computer vision systems need to be taught to recognize objects. Show them images that are labeled “bear,” for example, and they can learn to identify what they think are bears in new photos. When researchers use photographs that humans have annotated so that an AI system can learn from them, that’s called “fully supervised.” The images are clearly labeled so the software can learn from them.

“That works really well,” says Manohar Paluri, the computer vision lead at Facebook’s Applied Machine Learning group, which carried out the research along with another division at the social network called Facebook AI Research. The only problem with that approach is that the images need to be labeled in the first place, which takes work by humans.

“Going to billions [of labeled images] starts becoming infeasible,” Paluri adds. And in the world of artificial intelligence, the more data that a system can learn from, generally the better it is. And diverse data is important too—if you want to teach an AI system to recognize what a wedding looks like, you don’t want to just show it photographs of weddings from North America, but instead from weddings across the world.

Enter “weakly supervised” learning, in which the data hasn’t been carefully labeled by people for the purpose of teaching an AI. That’s where all those billions of Instagram photos came into play. Those hashtags become a way of crowdsourcing the labeling job. For example, the tag #brownbear, combined with the similar tag #ursusarctos, becomes the label for images of bears. Instagram users became the labelers.

But that kind of data is messy and imperfect, and thus noisy. For example, Paluri points out that someone who takes an Instagram photo near the Eiffel Tower may still give it that tag, but the tower itself isn’t visible. That label still makes sense in the human context, but doesn’t do much good for a simple-minded computer. In another scenario, a birthday party scene that has cake in it might not be labeled #cake, which is also not helpful if you’re trying to train a computer what that dessert looks like.

It worked anyway

But the end result is that despite the noise in the original data, Paluri says that ultimately, it worked very well. Measured by one benchmark, the system—trained on those billions of Insta pics—was on average about 85 percent accurate. Paluri says that it is the strongest computer vision system that Facebook has yet made.

If you use Facebook, you know that it can recognize faces in the photos you upload and suggest tagging them with (hopefully) the right name. That’s an example of computer vision—in this case, face recognition. But under the hood, Facebook uses computer vision to identify other things besides faces, like visual content (such as pornography) that’s not allowed on the platform.

Paluri says that the new, Instagram-trained technology is already being used to help them flag objectionable content in photos that shouldn’t be on the site. When it comes to recognizing “objectionable content,” he says, they’ve already noticed “significant improvement in accuracy.”

Tech

via Popular Science – New Technology, Science News, The Future Now https://ift.tt/2k2uJQn

May 2, 2018 at 01:34PM

Facebook is open-sourcing its most powerful AI tools yet

https://ift.tt/2I46NH0


Facebook is continuing its push to more openly share its AI research and code with the release of PyTorch 1.0 — a deep-learning system that Facebook says represents a “fundamental shift” in open source AI frameworks. Traditionally, taking AI development from research to production has been a complex and time-intensive task involving multiple steps and various tools. PyTorch 1.0 has been designed to optimize the process.

The new framework draws on the modular, production-orientated features of Caffe2 and ONNX. Caffe2 was launched two years ago to standardize Facebook’s production AI tooling, but getting projects to this stage was a manual and often error-prone process. ONNX (Open Neural Network Exchange) was created to make the export process smoother, but complicated, time-consuming steps remained. PyTorch 1.0 fuses together features from both, giving developers a hybrid frontend to share code between prototyping and execution mode for production.

It’ll be available in beta within the next few months, and will include a family of tools, libraries, pre-trained models, and datasets for each stage of development, allowing developers to quickly create and deploy new AI innovations at scale. Its underlying technology already supports AI in most of Facebook’s products, including performing six billion translations a day. Obviously it’s dev-focused, but smarter AI means everyone can expect better AI features as a result.

Tech

via Engadget http://www.engadget.com

May 2, 2018 at 12:09PM

Cambridge Analytica shuts down after Facebook user data scandal

https://ift.tt/2HMy6SZ

Signs for Cambridge Analytica in the lobby of the building in which the firm is based on March 21, 2018 in London.

Cambridge Analytica, the embattled London-based data analytics firm that famously did work with the Donald Trump presidential campaign, has shut down.

According to The Wall Street Journal, the company’s closure is effective today.

As Ars reported previously, it was revealed last month that a 2014 survey app that required Facebook login credentials allowed the survey creator and his team access to their friends’ public profile data. In the end, this system captured data on 87 million Facebook users. This data trove wound up in the hands of Cambridge Analytica, a British data analytics firm, which worked for the Donald Trump presidential campaign.

The Cambridge Analytica dustup has resulted in Facebook now being on the defensive: it has trotted out one change after another, and CEO Mark Zuckerberg himself recently testified over the course of 10 hours to a joint Senate committee hearing.

The UK parliament is now demanding that he answer its questions, too.

According to the Journal: “Nigel Oakes, the founder of SCL Group, Cambridge Analytica’s British affiliate, confirmed that both companies were closing down.”

The company’s former CEO, Alexander Nix, was suspended from the company in March 2018, shortly after the revelations broke.

Cambridge Analytica did not immediately respond to Ars’ request for comment.

This story is developing. Please check back for updates.

Tech

via Ars Technica https://arstechnica.com

May 2, 2018 at 01:25PM

Pentagon bans Huawei, ZTE phones from military base retailers

https://ift.tt/2HIVwMP


The Pentagon has banned retailers on US military bases from selling Huawei and ZTE phones, the Wall Street Journal reported. Officials are concerned that the Chinese government could order the firms to track soldiers’ movements or snoop on their communications, though Huawei and ZTE have both denied that could be the case.

While the Pentagon can’t block military members from using Huawei or ZTE phones for personal use, cutting off a core supply line is likely to temper the prevalence of the handsets. Additionally, the military may still issue an advisory on purchasing the devices. Both ZTE and Huawei are among the subjects of a bill introduced in January that seeks to ban them from US government contracts, though the bill hasn’t advanced as yet.

The manufacturers’ phones are less popular inside the US than in other markets, including Germany, where the US has a large military infrastructure. TKS, a provider for English speakers in the country, recently pulled Huawei phones from its military base stores to comply with Army & Air Force Exchange Services guidance. The phones were available at the stores last week.

The ban reflects long-standing government concerns over Chinese phones. In 2012, the Congress Intelligence Committee claimed in a report that Huawei and ZTE presented national security risks. The report accused the companies of failing to cooperate in the committee’s investigation and declining to clarify their relationships with the Chinese government. It also highlighted alleged corruption, bribery, and discriminatory practices at Huawei.

The government has tightened the squeeze more recently. In February, intelligence agencies warned Americans against buying Huawei phones, highlighting security concerns. Last month, the US Commerce Department revived an export ban on ZTE parts after the company violated an agreement. The ban, put in place after ZTE illegally shipped equipment to Iran and North Korea and lied about it, had been lifted after the firm agreed to abide by the rules.

Tech

via Engadget http://www.engadget.com

May 2, 2018 at 11:45AM

Social Media Makes Us Soldiers in the War Against Ourselves

https://ift.tt/2I6sl5T

Over the past three years, America’s information ecosystem has proven easy pickings for anyone with a fistful of VPN connections and a sweatshop of kids playing World of Trollcraft. Whatever precise effects Russian interference had on the 2016 election, it finished off both social media’s innocence and traditional media’s authority.

But Americans, as of now, have nowhere else to turn. The habits of the library and the newsstand, to say nothing of pre-digital social life, are lost to us. Instead, we’re stalled in the data smog that hangs over social media and search engines. Sometimes we confront trolls, bots, phish, spam, and malware head-on; sometimes we meet trollspeak in memes parroted by real people. But the sanctity of our reason is routinely violated online.

In rolling revelations all winter, Facebook and other tech companies admitted that potentially hundreds of millions of users had been tricked by data miners and harassed by trolls, including legions at the Internet Research Agency, the Russian outfit indicted by the Justice Department in February. That sounds like a cause for condolences. But trolled people troll people. Many victims turn around and enlist as foot soldiers, passing on their cognitive injuries to others. “Computational propaganda,” as the human-machine hybrid campaigns are known, has been described as a way of “hacking people.”

This damage to our brains is overdetermined. First, the crime is in the software. As WIRED’s own Adam Rogers predicted in 2015, “Google’s search algorithm”—with zero help from bad actors—“could steal the presidency.” But digitization has also simply overwhelmed us. The journalist Craig Silverman put it this way: “Our human faculties for sense-making, and evaluating and validating information, are being challenged and in some ways destroyed.” And the information war includes seasoned generals, including Yevgeny Prigozhin (a restaurateur, b. 1961 in Leningrad) and Mikhail Bystrov (a cop, said to be in his late fifties). These two men ran the IRA and deftly exploited America’s mental vulnerabilities, flammable culture, and opportunistic software.

The weapons are hybrids too. According to reports in March, Cambridge Analytica, the data firm employed by the Trump campaign, launched disinformation scripts and bulk provokatsiya. IRA did the same, but it also conscripted real people. Some of these are partisans, or freestyling trolls. But a smaller group willingly subjugate themselves to specific infowar efforts. In January, a woman in South Carolina—a cheerful-looking phytocannabinoid seller in her mid-sixties—seems to have mobilized her #MAGA-festooned Twitter account to promote a Nunes-supporting meme: “Release the memo.” “Make this trend,” she implored. Trend it did.

Computational propaganda, which describes human-machine collaboration in influence ops, was coined at the Oxford Internet Institute at Balliol College, Oxford. (Balliol was founded in 1263, the year King James I of Aragon aimed to sabotage significant information channels by censoring Hebrew writing.) The phrase describes the mixing of algorithms, automation, and human curation to manipulate perceptions, affect cognition, and influence behavior.

That human curation is key. People can whitewash buggy botspeak by giving it a human sheen in a retweet. Curators can also identify the cultural flash points—the NFL, Colin Kaepernick, the memo—that fire people up, so botnets can ratchet up the velocity of the most incendiary memes. The writer Jamelle Bouie points out that, in the US, these “flash points” often entail racism. It takes an American idiom and id to properly troll the electorate.

Samantha Bradshaw, at the Oxford Internet Institute, recently documented the ways that 28 nations have used social media to shape opinion. In every case, the campaigns aimed to ape the style and habits of actual activists, and they caught on to the degree that seemed human. The content didn’t need to be accurate or fair to be effective; it just needed to seem human, and humans with beating hearts are uniquely able to dispel the whiff of the uncanny from an automated script. Humans, of course, are indispensable when bodies are needed to show up in space or for photos.

As Bradshaw told the British parliament in testimony about hybrid information warfare, researchers lack the corporate datasets or government subpoena power to identify the exact humans involved in these campaigns. But the IRA indictments pointed the way to some Americans implicated in the Kremlin-sponsored infowar in 2016. When CNN approached two such people, they had contrasting responses.

“What would you think? A guy calls you and you talk to him and you build up a rapport over a period of time,” said Harry Miller, who was reportedly and unwittingly paid by some of the Russian indictees to cage Hillary Clinton in effigy. “They had that beautiful website.” By contrast, Florine Gruen Goldfarb, who mobilized Trumpites to demonstrate at an IRA-organized event, refused to accept that she’d been manipulated. “I don’t go with the Russians. C’mon, give me a break,” she said.

The fact that the campaigns involve masquerade, deception, and anthropomorphism—the disguising of robots as people—is part of why the IRA is charged with fraud and not acts of war. It’s also why Americans are disinclined to see the internet and the nation as under siege. If we had swollen glands and bloody vomit, we’d accept a diagnosis of anthrax poisoning, but no one likes to see herself as cognitively vulnerable. Once, to my shame, I circulated some bot-amplified lies about antifa. (The meme was “Antifa is just as bad as neo-Nazism.”) When caught out, I started to justify myself; fortunately, seeing disinfo as aerosolized anthrax—equally hard to detect—helped restore my confidence. I corrected my mistake. My immune system rallied. “No one likes to be told they’ve been duped,” Bradshaw told me by email. But we must be “more aware of the ways in which bad actors try to infiltrate our networks to manipulate our thoughts and actions.”

To determine how we got here, we might not need to perseverate on the exotic stuff: the Kremlin or troll farms and botnets. Perhaps the fault is in our ancient all-too-human bodies. In March, an MIT study of false news made it clear that bots have equanimity when it comes to contested stories, while humans decisively prefer to spread lies over truth. In particular, we appear to like and share the lies that shock and disgust, arousing our bodies in druglike ways.

If so, there’s no way around this problem but through it. Of course, propaganda should be marked, regulated, and debunked. But at the same time, we need to understand our fragility as animals. Poor, mortal creatures of living-dying flesh that we are, we crave sensation. More even than robots, our most ancient proclivities may be our undoing.


Virginia Heffernan (@page88) is a contributor to WIRED. She wrote about how we see the world now in issue 26.04.

This article appears in the May issue.

Tech

via Wired Top Stories https://www.wired.com

May 2, 2018 at 06:09AM

The Tricky Logistics of Delivering a Spacecraft on the Interstate

https://ift.tt/2HMAU6I

When I ask Bradley Worthington to tell me about that one time people in the southwest thought his trucking company, McCollister’s, was moving a UFO across the country, he laughs. There’s not a “that one time.” “It happens frequently,” he says, “especially with oversized things.”

And McCollister’s hauls a lot of oversized things. From astronaut capsules to weather-monitoring satellites to military aircraft, the company specializes in moving beefy, sensitive objects around securely. They’ve transported part of Orion, NASA’s next astronaut-carrying spacecraft, and the recently-launched Joint Polar Satellite System-1, an environmental-monitoring system.

Worthington does, though, know the one time I’m talking about. It was when his driver transported an F-35 jet model from California to Texas. The big-rig took a break in southern New Mexico, where passersby saw it carrying a saucer-looking craft covered in a metallic shroud—which, when illuminated, beamed like something otherworldly. “It looked spaceship-ish,” Worthington concedes, especially in a landscape long home to classified aerospace tests and undisclosed military experiments. “Everybody’s got their ideas,” Worthington says. “And if you stop for any reason, people want to know which UFO you’re transporting.”

Their confusion makes sense, in a way. “You don’t get a chance that often to see things going down the highway that aren’t farm equipment or wind turbines,” says Worthington. But that’s exactly the business McCollister’s is in. Satellites, rockets, and jets don’t always lift off from the same places where they were built. And when it’s time to make that big move, McCollister’s big-rigs are here to help.

Worthington worked for Lockheed Martin for 35 years, in its space systems division. In 1995, he took over the transportation group, sometimes employing McCollister’s to move its precious cargo. Companies like Landstar, Bennett Motor Express, and VIP Transport also offer aerospace-shipping services. But when Worthington retired from Lockheed in 2016, he agreed to become vice president of McCollister’s aerospace and defense arm.

The company actually started its high-tech transportation in the ’70s with supercomputers—big IBM racks. But at an aerospace trade show in the ’90s, an industry insider came up to McCollister’s booth and described a “mishap with a transportation event.” The guy’s (classified!) cargo was in the back of a truck when the connection between tractor and trailer failed, shaking up sensitive equipment. McCollister’s team started looking into how to mistake-proof that connection point: kingpins that lock, connections that rely on sliding bars or clamp down with metal jaws.

Decades later, McCollister’s agents have gained a reputation for not dropping or shaking stuff that’s spent years in development—like NASA’s Orion crew capsule. In 2016, soon after Worthington started his new gig, McCollister’s was tasked with moving part of the structure from Southern California to Colorado. Orion wasn’t just an oversized load: It was a “super load”, at 19 feet wide (your car, in case you haven’t measured it lately, is likely around six feet wide).

Whenever you’re moving something that is that big and that touchy, there’s a lot to consider: the spacecraft’s shape, how hot and cold and humid the air is, how much vibration is happening. And once a wide load like Orion gets on the road, the driver can’t just toodle around, stopping at diners and “world’s largest” food statues. Every state such a truck passes through requires a permit, and a route planner determines which roads have overpasses too low or lanes too narrow. For super loads, an actual human surveys the route. If anything about the cargo is classified, the company taps drivers with security clearance, of which McCollister’s has 12.

And, finally, McCollister’s must pick out Safe Haven spots, big enough that the driver can stop and check that a future astronaut habitat is nominal (and maybe sleep and pick up a five-hour energy shot). After all, not all exits have parking lots big enough to accommodate Orion’s berth. The trip went off without any hitches.

But that’s not always the case. Last fall, McCollister’s had to move NASA and NOAA’s Joint Polar Satellite System-1 satellite from Denver to Vandenberg Air Force Base. Bart Cosart, a NASA contractor at Ball Aerospace who works on mission assurance, was one of four chaperones who rode behind the big truck … in a coach bus, like a spacecraft roadie. “The truck starts up,” says Cosart, “and you start rolling out with a couple billion dollars’ worth of satellite.” They’d all be rolling, McCollister’s estimated, for about 36 hours. But it turned into more like 50.

Just 50 miles out, during a stop, someone noticed that one of the environmental control units—which the federal agencies had supplied and which keep the satellite’s surroundings stable—was throwing an error message. The satellite, which helps severe-weather prediction and environmental-hazard tracking, could be severely damaged by swings in heat and humidity. The team knew that it was going to be 85 or 90 in Nevada, and what if the backup system failed, too?

McCollister’s called a servicer, who met them along their route and made it all better. Until, that is, they stopped for gas in Nevada. Just a few miles after leaving the station, the truck had a problem. Luckily, the bus contained Ball employees who had built the satellite’s components, like the ozone mapping profiler. “One of the Ball mechanical technicians crawled up under the truck,” says Cosart.

It all ended fine, just later than expected. Which can be a big deal when your cargo is en route to a space launch. Every liftoff has a window of opportunity. If a vehicle doesn’t make it to the spaceport in time for prep, the window will shut on their fingers. For vehicles like NASA’s planetary spacecraft, that window might not open again for a while, as it’s “predicated on how the stars align, quite literally,” says Worthington.

There’s that saying: “It’s not about the destination; it’s about the journey.” And that may be true for, you know, life. But for spacecraft-hauling trucks, it’s definitely about both.

Tech

via Wired Top Stories https://ift.tt/2uc60ci

May 2, 2018 at 07:15AM