Month: August 2022

Enlarge (credit: Getty Images / Aurich Lawson)

Last year, organizations spent $2 billion on products that provide Endpoint Detection and Response, a relatively new type of security protection for detecting and blocking malware targeting network-connected devices. EDRs, as they're commonly called, represent a newer approach to malware detection. Static analysis, one of two more traditional methods, searches for suspicious signs in the DNA of a file itself. Dynamic analysis, the other more established method, runs untrusted code inside a secured "sandbox" to analyze what it does to confirm it's safe before allowing it to have full system access.

EDRs—which are forecasted to generate revenue of $18 billion by 2031 and are sold by dozens of security companies—take an entirely different approach. Rather than analyze the structure or execution of the code ahead of time, EDRs monitor the code's behavior as it runs inside a machine or network. In theory, it can shut down a ransomware attack in progress by detecting that a process executed on hundreds of machines in the past 15 minutes is encrypting files en masse. Unlike static and dynamic analyses, EDR is akin to a security guard that uses machine learning to keep tabs in real time on the activities inside a machine or network.

(credit: Nohl and Gimenez)

Streamlining EDR evasion

Despite the buzz surrounding EDRs, new research suggests that the protection they provide isn't all that hard for skilled malware developers to circumvent. In fact, the researchers behind the study estimate EDR evasion adds only one additional week of development time to the typical infection of a large organizational network. That's because two fairly basic bypass techniques, particularly when combined, appear to work on most EDRs available in the industry.

Enlarge / View from a survey flight over the Helheim/Kangerdlugssuaq region of Greenland. (credit: NASA/John Sonntag)

While it's possible to halt global warming by halting our greenhouse gas emissions, sea level rise is a consequence that keeps on giving. Great ice sheets like Greenland and Antarctica have tremendous inertia—they're slow to melt but carry on melting even after the thermometer stabilizes. There are many reasons for this, including complex processes beneath glaciers that control their rate of downhill flow. And this complexity makes projecting ice loss over the coming century—and centuries—exceptionally challenging.

In the face of this formidable complexity, a new study led by Jason Box at the Geological Survey of Denmark and Greenland opts for a simple approach to projecting Greenland's future. Rather than attempting to simulate as much physics and detail as possible in a model, the team used a simple equation to calculate what portion of the ice is vulnerable in the current climate.

Finding the line

Glacial ice deforms under its own weight, flowing outward and downhill like slow-motion pancake batter. The low elevation and—for an ice sheet like Greenland's—coastal environment at the ice's edge is much warmer, and ice melts away here even as snow accumulates over the colder interior of the ice sheet. The point where the net result changes from gaining mass to losing mass is called the "equilibrium line." Increase air temperatures, and this line will push up to higher elevations, exposing more ice to melting until the glacier shrinks.

Enlarge / A huge logo greets workers heading to the assembly line at a Tesla factory on February 19, 2015, in Fremont, California. (credit: Getty Images | San Francisco Chronicle/Hearst Newspapers)

Tesla violated US labor law by implicitly banning employees from wearing shirts with union insignias, the National Labor Relations Board ruled yesterday. In addition to ruling that Tesla broke the law, the NLRB overturned a Trump-era decision in a similar case involving Walmart.

The NLRB's 3-2 decision went along party lines, with Republicans dissenting. The Democratic majority said it "found that it was unlawful for Tesla to maintain a policy requiring employees to wear a plain black T-shirt or one imprinted with the employer's logo, thus prohibiting employees from substituting a shirt bearing union insignia." Tesla's strict enforcement of the policy began in 2017, shortly after employees started wearing union shirts in a Fremont, California, factory.

Such "interference is presumptively unlawful, and the employer has the burden to establish special circumstances that make the rule necessary to maintain production or discipline," the NLRB said. The majority further ruled "that Tesla failed to establish special circumstances in this case."

Enlarge (credit: NurPhoto / Contributor | NurPhoto)

Even though Twitter's terms of service explicitly ban posts glorifying self-harm and media depicting "visible wounds," independent researchers report that Twitter too often seemingly looks the other way regarding self-harm. Researchers from the Network Contagion Research Institute (NCRI) estimate there are "certainly" thousands, and possibly "hundreds of thousands," of users regularly violating these terms without any enforcement by Twitter. The result of Twitter's alleged inaction: Since October, posts using self-harm hashtags have seen "prolific growth."

According to reports, Twitter was publicly alerted to issues with self-harm content moderation as early as last October. That's when a UK charity dedicated to children's digital rights, 5Rights, reported to a UK regulator that there was a major problem with Twitter's algorithmic recommendation system. 5Rights' research found that Twitter's algorithm "was steering accounts with child-aged avatars searching the words' self-harm' to Twitter users who were sharing photographs and videos of cutting themselves."

In October, Twitter told Financial Times that "It is against the Twitter rules to promote, glorify, or encourage suicide and self-harm. Our number-one priority is the safety of the people who use our service. If tweets are in violation of our rules on suicide and self-harm and glorification of violence, we take decisive and appropriate enforcement action."

Enlarge / The SmartDry laundry sensor was widely regarded as a useful smart home gadget that saved money and time. When its owners' servers go dark at the end of September, users face a useless device or a notable DIY journey. (credit: Getty Images)

SmartDry was a smart home product that did something useful: tell you when your clothes in your dryer were actually dry.

A small pack mounted inside nearly any dryer drum could prevent clothes from shrinking, save you energy costs (at least $60 per year, the marketing claimed), and even warn you about clogged vents causing high heat—or, much worse, gas buildup. A second-generation version could even turn off your gas dryer automatically. Reviewers greatly preferred it to their own dryers' unpredictable dryness sensors.

The problem is that SmartDry alerted you to dry clothing by connecting to your home's Wi-Fi; the device sent a message to parent company Connected Life's servers and then relayed that message to your smartphone. But Connected Life Labs is closing, discontinuing SmartDry, and shutting down its servers on September 30. After that, "cloud services will cease operations and the product apps will no longer be supported."

Enlarge / Isotopes in sediment cores like these can provide indications of past temperatures. (credit: E Alaska Scientific Party)

In a paper recently published in Science, Professor Nele Meckler of the University of Bergen and colleagues argue that the climate between around 35 and 60 million years ago may have been considerably warmer than we thought. Their finding suggests that a given level of CO₂ might produce more warming than prior work indicated, and it hints that the ocean circulated differently during that warm, ice-free climate.

Their conclusions come from new measurements of carbon and oxygen isotopes found in the shells of tiny creatures, called benthic foraminifera or “forams,” that lived on the seafloor at the time. Earlier work with similar samples had estimated temperatures using oxygen isotopes—a technique that could be confused by changes in how much water was locked away in ice at the poles and, to a lesser extent, variations in ocean salinity. The new study used a technique that registers temperatures more reliably and produced much warmer numbers.

A newer, clearer thermometer

Benthic foram oxygen isotopes have been a mainstay of ancient global climate studies, with the latest most detailed record extending back 60 million years. Deep ocean temperatures reflect ocean surface temperatures over timescales longer than about 1,000 years because the global “conveyor belt” of ocean circulation turns over on that timescale. Oxygen isotopes in that water reflect ocean surface temperature, and by extension global climate, because water with the heavier isotope oxygen-18 is a bit harder to evaporate than water with oxygen-16; when the sea is warmer and there’s more evaporation, oxygen-18 builds up in the oceans.

Enlarge (credit: Getty Images)

Using an artificial intelligence computer vision system developed by French IT firm Capgemini, the French tax office (often called "Le Fisc") has identified 20,356 residential swimming pools that had previously gone undeclared. According to The Guardian, this has opened up €10 million in additional tax revenue, leading the way to the government taxing other undeclared architectural features such as annexes or verandas.

To find undeclared pools, Capgemini's software—with help from Google's cloud processing—automatically recognizes pools in aerial photographs (by looking for blue rectangles, for instance) and compares the results to records in real estate and tax databases. If it finds that a relevant address doesn't have a pool registered, the owner is in violation of tax law. The program began last October on a limited basis, covering only nine out of 96 metropolitan departments. At first, the system confused solar panels for swimming pools with an error rate of 30 percent, but Le Fisc says that it has since increased the accuracy.

The French government taxes real estate based on its rental value, which increases when owners build additions or improvements such as swimming pools. For example, a 30 square meter swimming pool will result in around €200 of extra taxes per year. Private pools have lately become more popular in France due to the recent heat wave, but they're also controversial due to their water usage during a historic drought.