An online firm that helps customers obtain copies of their birth certificates from state and local authorities left some 720,000 applications on an unsecured Amazon Web Services (AWS) cloud storage system, TechCrunch reported on Monday.
TechCrunch didn’t disclose the name of the company, but it reported UK-based cybersecurity firm Fidus Information Security first heard of the breach and that the site subsequently verified the contents of the unprotected directory by checking it against public records. In addition to the hundreds of thousands of applications for copies of birth certificates dating to late 2017, which were stored without password protection at an “easy-to-guess web address,” TechCrunch wrote the bucket also contained well over 90,000 applications for copies of death certificates. Those, fortunately, were protected.
Data contained in the exposed files included names, dates of birth, home addresses, email addresses, phone numbers, and other information such as “past addresses, names of family members, and the reason for the application.” According to TechCrunch, its reporters as well as Fidus sent “several emails” warning the company of the exposed directory, receiving “only automated emails” and resulting in no action. Amazon told TechCrunch it would not take direct action to secure the files but would warn the company, while the site reported the “local data protection authority” didn’t have an immediate comment.
Obviously, this is just one more drop in the deluge of data breaches that have happened in recent years—one report from researchers at Comparitech released earlier this year estimated that since 2008, there had been almost 9,700 reported breaches involving over 10.7 billion records, with financial damages roughly estimated at over $1.6 trillion. At the same time, identify theft scams have become both more rampant and more sophisticated. Amazon itself was recently hit with an “extensive” phishing scheme directed at sellers on its marketplace platform, allowing the attackers to siphon cash from both sales proceeds and Amazon-backed business loans.
Much of the time, these incidents are due to sloppy security; after a hacker absconded with extensive data on more than 106 million Capital One customers, reports indicated that the company had neglected to routinely enact basic cybersecurity measures. After a separate breach this year hit Bulgarian government systems storing data on millions of taxpayers, the hackers behind it reportedly released a statement saying “Your government is stupid. Your cybersecurity is a parody.”
A compilation of most of times when one of the greatest movie quotes of all movie history was used in popular culture: My name is Inigo Montoya. You killed my father. Prepare to die.
Oculus Quest has received a surprise update that has added a feature that was not expected until 2020. The Quest is now capable of hand tracking as of update v12, which will allow you to handle applications and eventually games without the need for controllers–instead it’ll follow the movement of your hands.
The Oculus Quest, which does not require a powerful PC to run, is now capable of some more advanced VR immersion. A video in the tweet that announced the new hand tracking update showing off how you can easily control a video playing in VR without a controller now–all you need to do is turn on hand tracking in the Experimental Features menu.
In an announcement post on the Oculus Blog, Oculus has also promised a new developer SDK, so that this technology can move beyond the first-party apps that currently make use of the new function. This will allow developers to modify their games for hand tracked controls. “We’ll continue to add new features and functionality to improve the experience of hand tracking on Quest in 2020,” the post promises.
“We hope hand tracking will make VR more approachable for newcomers to try by removing the need to learn controller functions. And for those who own Quest, when the hardware melts away you can be fully immersed in the magic of VR while connecting with others in a seamless, intuitive way.”
This makes the Oculus Quest the first commercial VR headset with native hand tracking on the market. Hopefully developers will find interesting ways to use this in their games in 2020.
Want us to remember this setting for all your devices?
USAF Boeing B-52H Stratofortress taking-off with undercarriage retracting and trailing-edge wing flaps lowered at the 1998 Fairford Royal International Air Tattoo RIAT.
Glenn House and his colleagues spent more than four years making a new toilet for the B-1 Lancer. The challenge wasn’t fitting the john into the cockpit (it went behind the front left seat) but ensuring that every part could handle life aboard a plane that can pull five Gs, break the sound barrier, and spend hours in wildly fluctuating temperatures. The end result didn’t just have to work. It had to work without rattling, leaking, or revealing itself to enemy radar. Getting it OK’d for use aboard the bomber was just as complex as making it. “Getting a part approved can take years,” says House, the cofounder and president of Walpole, Massachusetts-based 2Is Inc.
Until last year, 2Is was in the military parts business, furnishing replacement bits for assorted defense equipment. (Pronounced “two eyes,” it sold off the parts business and now focuses on defense-related supply-chain software.) Providing spare parts for the military is a peculiar niche of the economy. Things like aircraft and submarines spend decades in service, and the companies that made them or supplied their myriad parts often disappear long before their products retire. So when something needs a new knob, seat, or potty, the military often turns to companies that specialize in making them anew.
These outfits must work from dusty two-dimensional drawings or recreate long-lost molds that exactly match the standards of the original parts. Working on very small orders—sometimes for just two or three of a given item—they don’t enjoy the economies of scale that make it reasonable to spend five figures on tooling. A fussy approval process can mean waiting years to recoup an investment. And so, in many cases, they don’t bid on these military contracts, preferring steadier, more reliable jobs.
That’s a problem for the Air Force, whose fleet dates largely from the Cold War. Its C-5, B-52, and KC-135 planes average 40, 56, and 57 years old, respectively. The average Air Force aircraft is 23 years old. Every quarter, the military branch sees 10,000 part requests go unfilled, despite its readiness to pay an exorbitant amount of money to replace bits and bobs that once cost pennies—try $10,000 for a toilet seat cover in a C-17 Globemaster III.
“We’re gonna have to find better ways to keep old things flying,” says Will Roper, the assistant secretary of the Air Force for acquisition technology and logistics. And he has one, represented by the toaster-sized piece of plastic he keeps in his office. It’s a latrine panel for a C-5 Supergalaxy cargo plane. In the past, the Air Force has paid $8,500 to replace this part. But this one cost just $300, because it’s 3D-printed.
Roper says that 3D printing, also called additive manufacturing, can produce many of the parts for which the Air Force finds itself desperate, from C-5 gasket handles to F-15 longerons. “If I need two or three parts for a B-52,” he says, “I can just turn that over to one of our printers.” In the past few years, the Air Force has made thousands of parts this way, and it can work for just about anything made of metal or plastic. Composite and carbon fiber could work, too— even circuit boards.
Advanced Manufacturing Olympics
But a novel approach means novel problems. It’s still not easy to turn a two-dimensional drawing into something a 3D printer can understand. The Air Force needs new ways to prove that these parts can handle the rigors of life in the air, that they’ll be as durable and reliable as the originals. Its scientists are exploring new techniques and creating their own mixes of metals to suit their needs. But Roper is eager to move their work out of the experimentation phase.
That’s why he’s organizing a new kind of war game: the Air Force Advanced Manufacturing Olympics. Slated for July 8-9 in Salt Lake City, the competition aims to bring in all sorts of players—additive manufacturing companies, traditional defense contractors, tech startups, universities—to compete to solve various problems.
The “open box of parts floor exercise” will ask teams to replicate certain parts without being given the design specifications, while meeting the Air Force’s exacting standards. “Approval sprints” will be about developing new ways to prove their work is as good as what came before. In the “supply chain marathon,” teams will puzzle over how to get a fresh part to a given place, like Afghanistan. Maybe it’s better to make it in the US and ship it, or to keep 3D printing machines at the front line, or something in between. Roper and his team at the newly created Rapid Sustainment Office are still working out the prizes for these events, but those rewards will be some mix of money and the chance to work with the Air Force or its contractors. Medals will be 3D-printed, of course.
Beyond solving these individual problems, Roper hopes to rethink how the Air Force maintains its arsenal. Upkeep and logistics account for 70 percent of a platform’s total cost, and every dollar saved here can go to another program (or back to taxpayers).
When 2Is was founded in 2002, House thought additive manufacturing had a lot of potential. But until a few years ago, the technology wasn’t at the point where it could make parts that were precise and durable enough for military use. “We retreated to the standard manufacturing process,” he says. While he thinks these techniques are a tough sell for safety-critical parts like struts, engine blades, and landing gear, he says he’s encouraged to see the Air Force take an aggressive approach to advancing the new technology. And that if he was still in the parts business, he’d make the trip to Salt Lake City and go for the gold.
A new study finds time-restricted eating helped overweight people who were at high risk of developing Type 2 diabetes to lose about 3% of their body weight, reduce belly fat and feel more energetic.
In addition to recent news of its bizarre issue with segregating bathrooms, Uber has long struggled with keeping its passengers safe, though we only now know the extent of the problem (in the U.S., at least) courtesy of the company’s first study on unsafe incidents involving the ridesharing service.
According to Thursday’s report, which only covered U.S. rides between 2017 and 2018, last year alone Uber received 3,045 reports of sexual assaults during trips with another nine people murdered and 58 killed in crashes. The numbers from 2017 tell a nearly identical story. Uber said it used an intentionally broad definition of sexual assault that ranges from nonconsensual kissing of any “nonsexual body part” to attempted rape and rape, with the majority of documented incidents involving unwanted touching of a “sexual body part,” i.e. a person’s mouth or genitalia.
Though previous investigations have already shed plenty of light on how pervasive reports of sexual assault and other violent acts involving the service are, Uber’s transparency marks some of the first official numbers on the subject, as no police department or government body currently tracks crimes specifically related to ridesharing services. Competitors like Lyft haven’t shared comparable figures either.
“We don’t believe corporate secrecy will make anyone safer,” Uber states in the report’s executive summary.
In reminders diligently peppered throughout the study, the company reiterates that these incidents represent a small fraction of the total 2.3 billion Uber rides completed in the U.S. during that same period, and that of the nearly 4 million trips taken every day using the service, 99.9 percent end with no reported safety incidents.
Even still, Uber’s chief legal officer and a leading force behind the report, Tony West, called the findings “jarring and hard to digest” in an interview with the New York Times. CEO Dara Khosrowshahi also expressed his sentiments on Twitter for the victims of these thousands of documented incidents.
“My heart is with every survivor of this all-too-pervasive crime. Our work will never be done, but we take an important step forward today,” he tweeted Thursday.
And apparently people booking a ride aren’t the only ones at risk. “Drivers are victims, too,” the company wrote in its executive summary. While 92 percent of reported rape victims were passengers, drivers and riders both reported other types of sexual assaults such as unwanted kissing and touching at similar rates, Uber said. And of the 19 murders Uber documented during that two-year period, seven of the victims were drivers while eight were passengers (the company refers to the remaining four as “third-parties” such as nearby bystanders).
With this report (and a promise to keep releasing these stats every two years from now on), Uber appears to be making good on last year’s promise that the company’s “getting serious about safety”. Since then, Uber’s implemented several new security features such as an in-app emergency button that silently shares your location and trip details with 911, an option to share your ride information with a trusted third-party so they can know you’ve arrived safely, and an ID check feature that makes drivers prove with a selfie that they are who their account says they are. The company’s also purportedly tripled the size of its safety team to 300 employees since 2017, which I can assume was in part made possible by its several recent rounds of lay-offs that gutted other departments such as marketing and engineering.
Uber’s also apparently been beefing up its screening requirements for who’s allowed to drive for the company in the first place. According to Uber, more than 40,000 drivers have been kicked from the service after it implemented a system that continuously screens drivers for any possible recent criminal offenses. Uber’s background checks disqualify anyone with a felony conviction in the last seven years, though in the case of certain violent felonies like sexual assault, kidnapping, and murder, there’s no such time period limit. During the two-year period studied in Uber’s safety report, the company said its screening process filtered out more than a million prospective drivers who failed to pass these checks.
Along with today’s report, the company noted its currently researching ways to create a black-list of banned drivers in addition to several other new safety measures planned for 2020. According to the Times’ report, West also said Uber plans to share information with competing ridesharing companies about possibly dangerous drivers that passengers have reported, though he didn’t go into detail.
Admittedly, the bar is ridiculously low for any safety features Uber comes up with. After all, this is the company that marketed a phony “Safe Rides Fee” to scam passengers out of billions. All Uber has to do is avoid shamelessly profiting off its shady reputation.
Google Maps is great for getting directions while driving and using public transport, but in the last year it has been rolling out more features focused on traveling by foot as well. Recently, the company introduced AR walking directions and detailed spoken walking directions for people with vision impairments. In the future, Google may be adding a new feature to help people find safer streets to walk at night.
According to XDA Developers, an Android development community whose members have analyzed the Android APK to look for unreleased features, there are indications of a new Lighting layer in Google Maps. This layer would indicate which streets are brightly lit by street lights by showing a yellow highlight.
This could make it safer for walkers who want to avoid dark streets at night, which is a concern among many users according to a popular Tweet from a few months ago.
I wish Google Maps had a "I’m walking home by myself at night" mode that would show you a way with well lit paths and open spaces. It always seems to take you on narrow, dark pathways in cities ?
The Lighting feature remains unconfirmed and there are no screenshots of it in action yet. However, given the code that was uncovered, it seems likely that it will arrive at some point in the future. XDA Developers speculates that it may be rolled out in India first, in response to the spate of recent brutal attacks and rapes of women which have made headlines in the country.
One open question is how Google will gather information about street lighting conditions. Infrastructure including smart street lights is still rare, so the company may collect user-submitted data similar to the way it does for traffic incidents.
