
ICYMI: Leak Confirms Our Phones Are Listening To Us


by Paul Arnote (parnote)


Glass of water
Image by Custom Images from Pixabay

Most people distrust their drinking water supply worldwide, with consequences for public health, the environment, and the economy, according to an article from Newsweek. An international survey found that 52.3 percent of those polled globally said they expected to be seriously harmed by their drinking water within the next two years. “If we think our water is unsafe, we will avoid using it,” said senior author Professor Sera Young, global health scientist at Northwestern University, in a statement. “When we mistrust our tap water, we buy packaged water, which is wildly expensive and hard on the environment; drink soda or other sugar-sweetened beverages, which is hard on the teeth and the waistline; and consume highly processed prepared foods or go to restaurants to avoid cooking at home, which is less healthy and more expensive.”

A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering, according to an article from TechRepublic. The data is relayed to the fraudsters before being used to steal cash. The cyberattack, based on both a complex social engineering scheme and the use of a new Android malware, is capable of stealing users' near field communication data to withdraw cash from NFC-enabled ATMs.

Meta CEO Mark Zuckerberg says senior Biden administration officials pressured Facebook to “censor” some COVID-19 content during the pandemic and vowed that the social media giant would push back if it faced such demands again, according to an article from the Associated Press. In a letter to Rep. Jim Jordan, the Republican chair of the House Judiciary Committee, Zuckerberg alleges that the officials, including those from the White House, “repeatedly pressured” Facebook for months to take down “certain COVID-19 content including humor and satire.” The officials “expressed a lot of frustration” when the company didn't agree, he said in the letter.


Phones listening
Image by Thomas Wolter from Pixabay

Millions of people have long suspected it, but now a leak suggests that our phones really are listening to us, according to an article from The Daily Mail. An apparent pitch deck from one of Facebook's alleged marketing partners appears to detail how the firm eavesdrops on users' conversations to create targeted ads. In a slideshow, Cox Media Group (CMG) claims that its 'Active-Listening' software uses AI to collect and analyze 'real-time intent data' by listening to what you say through your phone, laptop, or home assistant microphone.

The world's largest flight-tracking platform FlightAware has recently warned customers that their personal data has been exposed since 2021, because of a rare “configuration error,” according to an article from tech.co. According to FlightAware's written statement, the company only discovered the issue on July 25, and sensitive information could include email addresses and passwords, as well as personally identifiable information (PII) like full names, years of birth and Social Security Numbers. It's unknown whether the exposed data has been stolen or compromised, and how many users have been affected. Yet, with FlightAware having 12 million registered users, the extent of the incident could be pretty widespread.

On August 13, 2024, loads of Linux users — many running packages released as early as this year — started reporting their devices were failing to boot, according to an article from Ars Technica. Instead, they received a cryptic error message that included the phrase: “Something has gone seriously wrong.” The cause: an update Microsoft issued as part of its monthly patch release. It was intended to close a 2-year-old vulnerability in GRUB, an open source bootloader used to start up many Linux devices. The vulnerability, with a severity rating of 8.6 out of 10, made it possible for hackers to bypass secure boot, the industry standard for ensuring that devices running Windows or other operating systems don't load malicious firmware or software during the bootup process. CVE-2022-2601 was discovered in 2022, but for unclear reasons, Microsoft patched it only on August 13.


Google
Image from Pixabay

Now that Google has been found to operate an illegal monopoly, can you imagine what things might be like without Google? One of the very, very real possibilities is that the U.S. Department of Justice will order the breakup of Google, making room for other choices in the resulting vacuum. That's the premise of an article from TechCrunch. This may be the fast track to reshaping the internet, and allowing other players to “set the tone” for the internet's future.

There was “another announcement” from Google, besides the release of their Pixel 9 line of phones, in late August. Perhaps hoping that the Pixel 9 line of phones would win over the headlines, the “other” announcement is a concerning vulnerability that was discovered in many of the Google Pixel phones. According to an article from Lifehacker, the issue, discovered by the “mobile threat hunting” company iVerify, stemmed from an app package called “Showcase.apk.” This app package's main purpose was to allow retailers like Verizon stores to switch in-store Pixel units into “demo” mode, which would alter the version of Android running on the phone. If you've ever used a demo phone in one of these retailers, you'll know it isn't running “typical” Android. Not only was Showcase.apk silently baked into all Pixel phones since at least 2017, but when active, it runs in a “highly privileged context,” which allows the app package to affect your phone's OS. iVerify found that, in the unlikely chance a bad actor had physical access to your device and activated the program, they'd be able to take over your phone, and install malware and spyware on the device. If you haven't yet updated your Pixel phone, you might want to do so posthaste.

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense Cyber Crime Center (DC3) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders that, as of August 2024, a group of Iran-based cyber actors continues to exploit U.S. and foreign organizations, according to a notice posted on the CISA website. This includes organizations across several sectors in the U.S. (including in the education, finance, healthcare, and defense sectors as well as local government entities) and other countries (including in Israel, Azerbaijan, and the United Arab Emirates). The FBI assesses a significant percentage of these threat actors' operations against US organizations are intended to obtain and develop network access to then collaborate with ransomware affiliate actors to deploy ransomware. The FBI further assesses these Iran-based cyber actors are associated with the Government of Iran (GOI) and—separate from the ransomware activity—conduct computer network exploitation activity in support of the GOI (such as intrusions enabling the theft of sensitive technical data against organizations in Israel and Azerbaijan).


Dream Chaser
Sierra Space

Sierra Space is putting the final pre-flight finishing touches on its new line of spacecraft, named the Dream Chaser. If you think it looks a lot like the retired Space Shuttle, you would be correct. The Space Shuttle began in the late 1960s using a “lifting body” design, which Sierra Space mimicked, but with technologies that have grown exponentially in the ensuing 60 years. The initial version will be an unmanned cargo space plane, with a manned version also planned. This initial iteration will be capable of carrying six tons of cargo to the ISS (International Space Station), which will be expanded to eight tons with the Shooting Star cargo module attached to the aft portion of the plane. The Dream Chaser space plane is approximately one-fourth the size of the former Space Shuttle. The first version of the unmanned space plane is called Tenacity. Sierra Space plans to build a whole fleet of both the manned and unmanned space planes, as well as planning a commercial space station for scientific research and space tourism. You can watch a video about the new space plane on YouTube.

The European Union's highest court delivered the 27-nation bloc a major victory on Tuesday in its years-long campaign to regulate the technology industry, ruling against Apple and Google in two landmark legal cases, according to an article from the New York Times. The decisions, issued by the Court of Justice of the European Union, were seen as an important test of efforts in Europe to clamp down on the world's largest technology companies. Apple and Google have been frequent targets for E.U. regulators, and the companies have battled the cases with appeals.

In what many deem the trial of the century for the digital media landscape, legal representatives from the Justice Department and Google yesterday appeared before Judge Leonie M. Brinkema in the U.S. District Court for the Eastern District of Virginia, according to an article from DigiDay. The outcome of the proceedings could potentially result in the break-up of Google's empire, as officials from the Department of Justice appeal for divestiture of Google's sell-side ad tech tools. At issue is the government's investigation into whether Google's business practices and corporate culture have been skirting the rules of fair competition, namely whether it leveraged its dominant position in the display ad market. In its opening statement on Monday, the Justice Department sought to lay the groundwork in its attempt to show Google controlled the competition, controlled customers and controlled the rules.


Bepi Colombo
ESA

The ESA/JAXA BepiColombo mission has successfully completed its fourth of six gravity assist flybys at Mercury, capturing images of two special impact craters as it uses the little planet's gravity to steer itself on course to enter orbit around Mercury in November 2026, according to an article from the ESA (European Space Agency). The closest approach took place at 23:48 CEST (21:48 UTC) on 4 September 2024, with BepiColombo coming down to around 165 km above the planet's surface. For the first time, the spacecraft had a clear view of Mercury's south pole.

Do you know how to spot a spam email or phishing attempt? That's what an article from Lifehacker lays out for you. From the choice of words used, to other “low-key” nudges, the article reveals certain clues you should look for that should raise your hackles or set off red-flag alarms in your mind.

Researchers at Tokyo Metropolitan University have developed a new type of electrochemical cell that can effectively convert a bicarbonate solution — a product derived from captured carbon — into a formate solution, which is a potent source of green fuel, according to an article from Interesting Engineering. It could be considered a major development in carbon capture and utilization technology. This innovation overcomes significant challenges in reactive carbon capture (RCC) and demonstrates performance levels similar to those of traditional gas-fed methods, which are usually more energy-intensive.


Court of Law
Image by TUREK90 from Pixabay

A Google executive boasted to co-workers that the goal for the company's budding online advertising business in 2009 was to “crush” rivals in the digital ad market, according to an article from the New York Post reporting on evidence presented September 11, 2024 at the blockbuster federal antitrust trial targeting the tech titan. The Justice Department highlighted remarks made by David Rosenblatt, Google's former president of display advertising, during the third day of the non-jury trial that alleges Google abused its control of digital market technology to siphon revenue from publishers and advertisers. “We'll be able to crush the other networks and that's our goal,” Rosenblatt said regarding Google's strategy at the time, according to documents reviewed in court.

Apple has been ordered to pay back €13 billion ($14.4 billion) worth of tax to Ireland by the European Court of Justice, according to an article from TechRepublic. Two of its subsidiaries illegally received tax benefits between 1991 and 2014, as these benefits were not available to other companies. Ireland issued tax rulings favouring Apple Sales International and Apple Operations Europe in 1991 and 2007, respectively. Both companies were incorporated in Ireland but were not tax residents. The rulings allowed them to calculate their taxable profits in the country based only on the activities of the Irish branches. However, because their head offices were outside Ireland and decisions related to the intellectual property licenses were made in the U.S., the rulings meant that profits generated by the companies' IP licenses were excluded from their tax base.

On September 12, 2024, Microsoft said it is cutting 650 roles at its Xbox gaming division, in the latest major round of layoffs to hit the video game industry, according to an article from CNBC. It marks the third series of redundancies in Microsoft's video game unit since the company's blockbuster acquisition of Activision Blizzard, the publisher behind the Call of Duty franchise, for $69 billion in cash. The U.S. tech giant confirmed to CNBC that it is cutting hundreds of roles at Xbox, in “mostly corporate and supporting functions.”


Cyber Crime
Image by Gerd Altmann from Pixabay

Federal civilian agencies across the U.S. government have until the end of the month to fix four key issues in Microsoft products after they were made public on September 10, 2024, according to an article from The Record. The Cybersecurity and Infrastructure Security Agency (CISA) said the four vulnerabilities affect widely used Microsoft tools and are already being exploited by hackers. The four bugs — CVE-2024-38226, CVE-2024-43491, CVE-2024-38014 and CVE-2024-38217 — were part of the 79 vulnerabilities included in the monthly security release from Microsoft.

An article from Outkick asks THE question about the supposed “five-second rule”: Do you ever eat food that's fallen on the floor? Not in public, obviously; you'd have to be an uncivilized swine to do that. Can you just imagine how many germs would be on the ground of a grocery store or a supermarket? If you drop food there, you had better leave it. I'm talking about when you're at home, and some of the Goldfish that you just poured in your hand spill over your outstretched palm and crash to your tiled kitchen floor. Now you face a dilemma. Do you leave it for your dog, pick it up and throw it away, or do you eat it?

An article from MIT Technology Review takes a look at how to fix the internet. If we want online discourse to improve, we need to move beyond the big platforms. We're in a very strange moment for the internet. We all know it's broken. That's not news. But there's something in the air—a vibe shift, a sense that things are about to change. For the first time in years, it feels as though something truly new and different might be happening with the way we communicate online. The stranglehold that the big social platforms have had on us for the last decade is weakening. The question is: What do we want to come next?


JWST
NASA/ESA/CSA/STScI/M. Ressler (JPL)

Astronomers pointed the powerful James Webb Space Telescope at a distant zone dubbed the “Extreme Outer Galaxy,” and zoomed in on dense cosmic clouds containing clusters of stars, according to an article from Mashable. In unprecedented resolution of this region, they spotted vibrant star formation, and potent jets of material ejecting from these hot objects. “What was fascinating and astounding to me from the Webb data is that there are multiple jets shooting out in all different directions from this cluster of stars,” NASA scientist Mike Ressler, who led observations, said in a statement. “It's a little bit like a firecracker, where you see things shooting this way and that.” The “Extreme Outer Galaxy” is located over 58,000 light-years (a light-year is almost 6 trillion miles) from the center of our galaxy. Earth, meanwhile, is some 26,000 light-years from the center.

Have you ever wondered what happens every minute of every day on the internet? That's exactly the question that an article from OpenText attempts to answer. You might be surprised by just how much data and internet interaction occurs in every minute of every day. Ninety percent of the data on the internet has been created since 2016, according to an IBM Marketing Cloud study cited in the article.

Starting in “late September” — so, by the time you read this — U.S. residents will be able to visit COVIDTests.gov and request a four-test package to be sent to your home, free of charge, according to an article from Lifehacker. These tests cover current variants, and will have expiration dates that are valid through at least the end of 2024. This is another round of offerings. You can get one four-test package per household, regardless of whether you have gotten free tests from the program before.


Three Mile Island
Image by Wolfgang Stemme from Pixabay

The owner of the shuttered Three Mile Island nuclear plant in Pennsylvania will invest $1.6 billion to revive it, agreeing to sell all the output to Microsoft Corp. as the tech titan seeks carbon-free electricity for data centers to power the artificial intelligence boom, according to an article from Bloomberg. Constellation Energy Corp., the biggest US operator of reactors, expects Three Mile Island to go back into service in 2028, according to a statement Friday. While one of the site's two units permanently closed almost a half-century ago after the worst US nuclear accident, Constellation is planning to reopen the other reactor, which shut in 2019 because it couldn't compete economically.

As the AI race heats up, companies are doing whatever they can to feed their models more data — and many are using our data to do so, sometimes without asking for our explicit permission first. LinkedIn is the latest apparent perpetrator of this practice: It seems everyone's “favorite” career-focused social media platform has been using our data to train their AI models without asking for permission or disclosing the practice first, according to an article from Lifehacker. Joseph Cox from 404Media initially reported the story, but you don't need to be a journalist to investigate it for yourself. Just head to LinkedIn, click your profile and go to Settings & Privacy > Data privacy. Here, you'll notice an interesting field: Data for Generative AI Improvement. This setting asks, “Can LinkedIn and its affiliates use your personal data and content you create on LinkedIn to train generative AI models that create content?” Oh, what's this? It's set to On by default? Thanks for asking, LinkedIn.

The new COVID-19 variant XEC may overtake others in circulation to become dominant in the coming months, experts said, but will not prompt a meaningful change in symptoms or vaccine response, according to an article from MedPage Today. So far, the CDC's variant proportions tracker has not registered enough cases of XEC in the U.S. to report it. (The agency's projected estimates for the 2 weeks ending on September 14 currently show KP.3.1.1 and KP.2.3 as the leading variants, with 52.7% and 12.2% of national cases, respectively.) Another estimate using data from the variant tracker GISAID has XEC at 1.11% of U.S. cases as of September 15, with around 48 sequences reported. First detected in Germany in June, it's been found mostly in Central Europe, representing 10% of cases, according to the U.K.'s Science Media Centre. According to an article in USA Today, the side effects of the newly discovered COVID-19 strain XEC might not be as severe, but it is part of the more contagious variant class, experts say.


