Security

• Prisons transcribe private phone calls with inmates using speech-to-text AI

  Plus: A drug designed by machine learning algorithms to treat liver disease reaches human clinical trials and more
  Katyanna Quach Sat 4 Dec 2021 // 15:48 UTC 29

  In brief Prisons around the US are installing AI speech-to-text models to automatically transcribe conversations with inmates during their phone calls.

  A series of contracts and emails from eight different states revealed how Verus, an AI application developed by LEO Technologies and based on a speech-to-text system offered by Amazon, was used to eavesdrop on prisoners’ phone calls.

  In a sales pitch, LEO’s CEO James Sexton told officials working for a jail in Cook County, Illinois, that one of its customers in Calhoun County, Alabama, uses the software to protect prisons from getting sued, according to an investigation by the Thomson Reuters Foundation.

  Continue reading

• Battlefield 2042: Please don't be the death knell of the franchise, please don't be the death knell of the franchise

  Another terrible launch, but DICE is already working on improvements
  Richard Currie Sat 4 Dec 2021 // 09:00 UTC 12

  The RPG Greetings, traveller, and welcome back to The Register Plays Games, our monthly gaming column. Since the last edition on New World, we hit level cap and the "endgame". Around this time, item duping exploits became rife and every attempt Amazon Games made to fix it just broke something else. The post-level 60 "watermark" system for gear drops is also infuriating and tedious, but not something we were able to address in the column. So bear these things in mind if you were ever tempted. On that note, it's time to look at another newly released shit show – Battlefield 2042.

  I wanted to love Battlefield 2042, I really did. After the bum note of the first-person shooter (FPS) franchise's return to Second World War theatres with Battlefield V (2018), I stupidly assumed the next entry from EA-owned Swedish developer DICE would be a return to form. I was wrong.

  The multiplayer military FPS market is dominated by two forces: Activision's Call of Duty (COD) series and EA's Battlefield. Fans of each franchise are loyal to the point of zealotry with little crossover between player bases. Here's where I stand: COD jumped the shark with Modern Warfare 2 in 2009. It's flip-flopped from WW2 to present-day combat and back again, tried sci-fi, and even the Battle Royale trend with the free-to-play Call of Duty: Warzone (2020), which has been thoroughly ruined by hackers and developer inaction.

  Continue reading

• American diplomats' iPhones reportedly compromised by NSO Group intrusion software

  Reuters claims nine State Department employees outside the US had their devices hacked
  Thomas Claburn in San Francisco Sat 4 Dec 2021 // 01:54 UTC 36

  The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters.

  NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

  "Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations," an NSO spokesperson told The Register in an email. "To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case."

  Continue reading

• Utility biz Delta-Montrose Electric Association loses billing capability and two decades of records after cyber attack

  All together now - R, A, N, S, O...
  Gareth Corfield Fri 3 Dec 2021 // 22:06 UTC 23

  A US utility company based in Colorado was hit by a ransomware attack in November that wiped out two decades' worth of records and knocked out billing systems that won't be restored until next week at the earliest.

  The attack was detailed by the Delta-Montrose Electric Association (DMEA) in a post on its website explaining that current customers won't be penalised for being unable to pay their bills because of the incident.

  "We are a victim of a malicious cyber security attack. In the middle of an investigation, that is as far as I’m willing to go," DMEA chief exec Alyssa Clemsen Roberts told a public board meeting, as reported by a local paper.

  Continue reading

• Feds charge two men with claiming ownership of others' songs to steal YouTube royalty payments

  Alleged scheme said to have netted $20m since 2017
  Thomas Claburn in San Francisco Fri 3 Dec 2021 // 21:54 UTC 22

  The US Attorney's Office of Arizona on Wednesday announced the indictment of two men on charges that they defrauded musicians and associated companies by claiming more than $20m in royalty payments for songs played on YouTube.

  The 30-count indictment against Jose Teran, 36, of Scottsdale, Arizona, and Webster Batista, 38, of Doral, Florida, was returned by a grand jury on November 16, 2021. It accuses the two men of conspiracy, wire fraud, transactional money laundering, and aggravated identity theft in connection with a scheme to steal YouTube payments.

  "In short, Batista and Teran, as individuals and through various entities that they operate and control, fraudulently claimed to have the legal rights to monetize a music library of more than 50,000 songs," the indictment [PDF] alleges.

  Continue reading

• Hot not-Spot-bot spot: The code behind Xiaomi's CyberDog? Ubuntu

  Your four-legged open-source friend? CIMON says 'Maybe'
  Richard Speed Fri 3 Dec 2021 // 21:18 UTC 11

  Linux fans rejoice: the smarts running behind Xiaomi's Not-Spot, CyberDog, emanate from none other than Ubuntu 18.04.

  The Register asked Canonical why not something a little fresher, such as 20.04, and were told by robotics product manager, Gabriel Aguiar Noury, that "the operating system is running 18.04 rather than 20.04 because they are using Jetson, and 18.04 is more compatible for the approach the team had in mind."

  The CyberDog bounded onto the global stage in August and represented the company's first foray into the world of quadruped robotics.

  Continue reading

• What will life in orbit look like after the ISS? NASA hands out new space station contracts

  The end is coming, and nobody wants a homeless 'naut
  Richard Speed Fri 3 Dec 2021 // 20:23 UTC 34

  NASA has splashed the cash on design contracts for space stations and a multibillion-dollar job for more Artemis boosters.

  With the days of the International Space Station (ISS) numbered, NASA is looking to maintain an uninterrupted US presence in low-Earth orbit. Although Axiom Space has plans to build from the ISS, the $415.6m award is about developing space station designs and "other commercial destinations in space."

  Blue Origin, which has partnered with Sierra Space to develop the Orbital Reef, received $130m. Nanoracks, which is working on a commercial low-Earth orbit destination called "Starlab" (with Voyager Space and Lockheed Martin), received $160m, and Northrop Grumman's Cygnus-based station received $125.6m. The Cygnus currently does duty as a freighter for the ISS.

  Continue reading

• Why your external monitor looks awful on Arm-based Macs, the open source fix – and the guy who wrote it

  Q&A with the developer of BetterDummy: from macOS secrets to his motivations
  Fernando Cassia Fri 3 Dec 2021 // 19:36 UTC 31

  Interview Folks who use Apple Silicon-powered Macs with some third-party monitors are disappointed with the results: text and icons can appear too tiny or blurry, or the available resolutions are lower than what the displays are capable of.

  It took an open source programmer working in his spare time to come up with a workaround that doesn't involve purchasing a hardware dongle to fix what is a macOS limitation.

  István Tóth lives in Hungary, and called his fix BetterDummy. It works by creating a virtual display in software and then mirroring that virtual display to the real one, to coax macOS into playing ball. The latest version, 1.0.12, was released just a few days ago, and the code is free and MIT licensed.

  Continue reading

• Chill out to the sounds of an expert typing on a variety of mechanical keyboards

  A truly rare groove
  Liam Proven in Prague Fri 3 Dec 2021 // 18:45 UTC 11

  Discerning writers and programmers know that keyboards matter. It's mostly the feel, but the best feel tends to come from mechanical key switches and they make a noise as they activate.

  That feeling goes hand in hand with a chorus of soft clicks… and thanks to custom keyboard guru Taeha "Nathan" Kim and weirdo label Trunk Records, you can relax to 43 minutes and 24 seconds of soothing sounds from 13 rare and limited-edition mechanical keyboards.

  Your correspondent is a bit of a fan of devices like this (this piece was typed on a 1991 IBM Model M; accept no substitute) – but no such brash, commonplace kit features on the album. Instead you can luxuriate to the Alps switches of a 1987 Apple Standard (why, yes, I do happen to have one of those too, but the linear cursor keys hinder daily use), and an M0110A from a Mac Plus, as well as more exotic kit.

  Continue reading

• Netgear router flaws exploitable with authentication ... like the default creds on Netgear's website

  Don't just install the patch, change your router passwords too
  Gareth Corfield Fri 3 Dec 2021 // 17:30 UTC 13

  Two arbitrary code execution vulnerabilities affecting a number of Netgear routers aimed at small businesses have been patched following research by Immersive Labs.

  The vulns rely on authenticated access to affected devices so aren't an immediate threat. They do, however, allow someone with remote access to the router to pwn the device's underlying OS, threatening the security of data passing through the router.

  Helpfully, Netgear itself publishes default login credentials for "most" of its products on its website. If you haven't been into your Netgear router's admin panel and changed these default creds, you're at increased risk.

  Continue reading

• Not only was the UK Financial Ombudsman Service's Workday system months late, 38 IT workers' jobs are at risk

  Questions remain over data warehouse dependencies and redundancies
  Lindsay Clark Fri 3 Dec 2021 // 16:56 UTC 8

  The UK's Financial Ombudsman Service (FOS) has gone live on Workday finance and HR systems around three months later than planned, drawing questions over an interdependent data warehouse project.

  At the same time, the process has seen IT roles marked for redundancy and set to be transferred to a service supplier.

  The watchdog was set up by Parliament in 2001 to resolve complaints between financial businesses and their customers. This week, Workday published a statement boasting that the implementation of its software at the FOS had gone live.

  Continue reading