Tea

A recent measurement study by Prof. Doug Leith, Professor of Computer Systems in Trinity’s School of Computer Science and Statistics, shows that advertising and tracking cookies and other device and user identifiers are sent by Google servers and stored on a handset, even when no Google apps have ever been opened by the user.

Key findings

• Proofpoint researchers identified a highly targeted email-based campaign targeting fewer than five Proofpoint customers in the United Arab Emirates with a distinct interest in aviation and satellite communications organizations, along with critical transportation infrastructure.
• The malicious messages were sent from a compromised entity in a trusted business relationship with the targets, and used lures customized to every target.
• This campaign led to the newly discovered backdoor dubbed Sosano by Proofpoint, which leveraged numerous techniques to obfuscate the malware and its payload, likely indicating an adversary with significant development capabilities with an interest in protecting their payloads from easy analysis.
• The campaign used polyglot files to obfuscate payload content, a technique that is relatively uncommon for espionage-motivated actors in Proofpoint telemetry and speaks to the desire of the operator to remain undetected.
• Proofpoint tracks this new threat cluster as UNK_CraftyCamel.

The more students turn to chatbots, the fewer chances they have to develop real-life relationships that can lead to jobs and later success

In many Facebook groups, dynamics used by teenagers to meet friends or find boyfriends or girlfriends are exploited by some users who try to contact minors with sexual intentions.

Imagine you are a pre-teen somewhere in Latin America. You pick up your phone and open Facebook. The app suggests you check a group dedicated to one of your favorite bands, because you have already liked the official page of that band. Once in the group, you expect to meet people who share your love for this music. First, you find posts asking who your favorite band member is, or what song you like the best. But soon you start to see posts from people who say they want to talk to you. “If you see your age, comment,” reads a post, along with a list of ages ranging from seven to 21.

You see your age, so you decide to comment. Many people reply telling you they want to add you and chat privately. You add some of them and write to them. Then, in the group, the posts turn more explicit. They no longer ask you to comment if you see your age, but if you see the shape of your breasts or your bottom in a series of images. Other messages promise to “show it to you,” with explicit references to penises, like eggplant emojis, or drawings where a shadow of one or a woman about to give oral sex can be seen. You have already interacted in these groups, you have added friends and chatted with some of them, so you decide to comment on these posts as well. You add some of the people who reply to you and, privately, they can ask you, or even convince you, to send them explicit images of your body.

Complex, costly charging infrastructure is limiting the adoption of EVs

Link to the 31-page lawsuit.

(...) The Complaint details a scheme where the named defendants, acting on behalf of Passes, recruited young women, that they knew were minors, to create pornography before they reached the age of 18, and to distribute that child pornography on the Passes platform to paying subscribers, both before and after the subject became of age.

The Complaint further details how Passes and the individual defendants took to disguise their scheme and to cover their tracks once their sexual exploitation of minor women was revealed, including changing its public representations about the compliance policy just two days ago, and also about its relationship with Celestin.