ICYMI: How To Tell If Someone Is Telling You The Truth

Image by Temel from Pixabay

Google employees' attempts to hide messages from investigators might backfire, according to an article at The Verge. The DOJ is trying to show that Google deliberately destroyed evidence that might have looked bad for it. Google employees liberally labeled their emails as “privileged and confidential” and spoke “off the record” over chat messages, even after being told to preserve their communications for investigators, lawyers for the Justice Department have told a Virginia court over the past couple of weeks. That strategy could backfire if the judge in Google's second antitrust trial believes the company intentionally destroyed evidence that would have looked bad for it. The judge could go as far as giving an adverse inference about Google's missing documents, which would mean assuming they would have been bad for Google's case.

Google is misunderstood, its attorneys say in an antitrust trial, according to an article from Courthouse News Service. The Justice Department accuses the Silicon Valley tech firm of engaging in a systematic campaign to seize control of high-tech tools used by publishers, advertisers and brokers to facilitate digital advertising. Firing back against claims by the U.S. Justice Department that Google operates its ad business as a monopoly, a witness Monday described the mammoth search engine as acting in the best interests of publishers. “Innovation is at the heart of this business,” said Nitish Korula, a research scientist and engineering director for Google. “It's a rapidly changing business. We keep looking for ways to make products better.” Korula described how the company walks publishers through the process of monetizing their websites and determining the kinds of ads appropriate for their brands. His testimony launched the third week of the antitrust trial before U.S. District Judge Leonie Brinkema, a Bill Clinton appointee. The Justice Department's case, made in a 150-page complaint filed in 2023, accuses the Silicon Valley tech firm of engaging in a systematic campaign to seize control of high-tech tools used by publishers, advertisers and brokers to facilitate digital advertising.

Two Play Store apps containing a malware Trojan that has affected over 11 million Android devices have been discovered, says an article from Lifehacker. The same malware was also found in unofficial apps, which means the number of victims here is likely much higher. Researchers from Kaspersky discovered a new version of the Necro Trojan, which has attacked users from two sources: On the one hand, the Necro Trojan is being delivered through legitimate apps distributed on the Google Play Store. On the other, bad actors injected their Trojan into modified apps, such as custom versions of Spotify and Minecraft, that users downloaded through unofficial means—otherwise known as sideloading.

Image by Rosy/Bad Homburg/Germany from Pixabay

There are secrets from the CIA, FBI, and Special Forces on how to know if someone is telling the truth, and an article from Fast Company lays some of them out. CIA case officers and FBI agents say employing these techniques can help you make better decisions about how much you can trust another person. Paying attention to body language is an essential component in the ongoing process of assessing a person's truthfulness. There's an often-used phrase: “What the mind conceals, the body reveals.”

Google will soon start identifying when content in search and ad results is generated by AI — if you know where to look, according to an article from TechRepublic. In a Sep. 17 blog post, the tech giant announced that, in the coming months, metadata in search, images, and ads will indicate whether an image was photographed with a camera, edited in Photoshop, or created with AI. Google joins other tech companies, including Adobe, in labeling AI-generated images.

From the “too little, too late” department, Microsoft's Secure Future Initiative was created around the same time the U.S. Cyber Safety Review Board chided Redmond for having a poor security culture. On Sept. 23, Microsoft released a report detailing the progress of the Secure Future Initiative, the company-wide overhaul put in place in November 2023, according to an article from TechRepublic. The Secure Future Initiative exists to improve security in the wake of some high-profile vulnerabilities in 2023. These vulnerabilities included a breach in Microsoft Exchange Online that allowed threat actors associated with the Chinese government to access U.S. government emails in 2023. In April 2024, the U.S. Cyber Safety Review Board published “Review of the Summer 2023 Microsoft Exchange Online Intrusion,” which said the hack “was preventable and should never have occurred.” The board found Microsoft had “a corporate culture that deprioritized both enterprise security investments and rigorous risk management.”

Mozilla

Mozilla has overhauled its branding to pay homage to its Netscape roots and better distinguish the wider organization from its Firefox web browser, according to an article from The Verge. The most notable change is to the company's logo: what was previously a sans-serif wordmark styled as “Moz://a” has been updated to correctly spell out the Mozilla name, featuring a new customized typeface and an M-shaped flag. According to Mozilla, the flag symbolizes the brand's “activist spirit.” That fits with the image that the Mozilla Foundation, which is leading the company, is attempting to build: describing itself as “a non-profit organization that promotes openness, innovation, and participation on the Internet” and regularly releasing privacy reports that investigate tech companies' policy and security practices.

This month, Earth will grab itself a second moon in the form of the tiny asteroid 2024 PT5, according to an article from Space.com. Unlike the moon, Earth's primary companion which has accompanied our planet for around 4 billion years, this “new mini-moon” will stick around for just two months before it heads back to its home in an asteroid belt trailing our planet and orbiting the sun. It will be captured in Earth's gravitational pull between Sept. 29 and Nov. 25. Unfortunately, during its occupation around Earth, 2024 PT5 won't be visible to the vast majority of skywatchers. “The object is too small and dim for typical amateur telescopes and binoculars. However, the object is well within the brightness range of typical telescopes used by professional astronomers,” research lead author and Universidad Complutense de Madrid professor Carlos de la Fuente Marcos said. “A telescope with a diameter of at least 30 inches plus a CCD or CMOS detector are needed to observe this object, a 30 inches telescope and a human eye behind it will not be enough.” It could return this January, and astronomers predict it will return as a mini-moon in 2055 and again in 2084.

A Harvard medical student, Dr. Nick Norwitz, ate 720 eggs in a month to study the effects the “fowl” diet had on his cholesterol and saw that his levels dropped nearly 20 percent, according to an article from the New York Post. That averages out to one egg per hour over a 30-day period. Norwitz “hypothesized” before his experiment that consuming the 60 dozen eggs would not increase his LDL (low-density lipoprotein) or “bad” cholesterol by the time the month was over.

Image by Gerd Altmann from Pixabay

Do you remember that DNA sample you sent to 23 & Me? You have reason to be concerned. In late September 2024, all seven members of the board of directors resigned, effective immediately. That left CEO and founder Anne Wojcicki to navigate the downward spiral that the company's stock is in. Wojcicki wants to take the company private, mostly in response to the company's drastic drop in its stock price. The company has until November 4, 2024 to get the stock price back up over $1 per share, or the company will be delisted from the stock exchange. It also remains a possibility that the company may be sold, along with the private and DNA data of its 15 million customers. The new owners may not see the protection of that private and DNA data to be as important as the company's founders do/does/did. This all comes on the heels of the company's $30 million settlement with victims of a data breach in October 2023, where customer's private and DNA data were discovered on the dark web. Most of the customers targeted in the breach were of certain Chinese and Jewish descent. This information was gleaned from multiple news outlets. You can follow along here with this DuckDuckGo search.

In a recent study published in The Journal of Nutrition, researchers in the United States analyzed data from the US NHANES study to evaluate the nutritional status of US adolescents and the impacts of added egg consumption on observed patterns. Alarmingly, over 60% of adolescents were at risk of inadequacy in one or more of calcium, magnesium, choline, and essential vitamins ((e.g., vitamins D and E), potentially due to unhealthy eating behaviors (e.g., late-night snacks). Encouragingly, the consumption of primarily egg-based dishes was found to improve nutritional outcomes, with consumers exhibiting significantly higher choline, vitamin B2, vitamin D, selenium, lutein + zeaxanthin, docosahexaenoic acid, and protein levels than their egg-avoiding counterparts.

Drug repurposing — identifying new therapeutic uses for approved drugs — is often a serendipitous and opportunistic endeavor to expand the use of drugs for new diseases, according to a newly published study in Nature Medicine. The clinical utility of drug-repurposing artificial intelligence (AI) models remains limited because these models focus narrowly on diseases for which some drugs already exist. Here we introduce TxGNN, a graph foundation model for zero-shot drug repurposing, identifying therapeutic candidates even for diseases with limited treatment options or no existing drugs. Trained on a medical knowledge graph, TxGNN uses a graph neural network and metric learning module to rank drugs as potential indications and contraindications for 17,080 diseases. When benchmarked against 8 methods, TxGNN improves prediction accuracy for indications by 49.2% and contraindications by 35.1% under stringent zero-shot evaluation. To facilitate model interpretation, TxGNN's Explainer module offers transparent insights into multi-hop medical knowledge paths that form TxGNN's predictive rationales. Human evaluation of TxGNN's Explainer showed that TxGNN's predictions and explanations perform encouragingly on multiple axes of performance beyond accuracy. Many of TxGNN's new predictions align well with off-label prescriptions that clinicians previously made in a large healthcare system. TxGNN's drug-repurposing predictions are accurate, consistent with off-label drug use, and can be investigated by human experts through multi-hop interpretable rationales.

Image by Alexander Lesnitsky from Pixabay

ChatGPT with GPT-4 uses approximately 519 milliliters of water, slightly more than one 16.9 ounce (500 ml) bottle, in order to write one 100-word email, according to original research from The Washington Post and the University of California, Riverside, says an article from TechRepublic. This extravagant resource use can worsen human-caused drought conditions, particularly in already dry climates. The Washington Post's reporting is based on the research paper “Making AI Less “Thirsty”: Uncovering and Addressing the Secret Water Footprint of AI Models” by Mohammad A. Islam from UT Arlington, and Pengfei Li, Jianyi Yang, and Shaolei Ren of the University of California, Riverside. Reporters Pranshu Verma and Shelly Tan and their editing team used public information for their calculations of water footprint estimates and electricity usage as detailed in their article. The Washington Post and the University of California, Riverside examined the electricity needed to run generative AI servers and the water to keep those servers cool. How much water and electricity are used in specific data centers can vary depending on the climate in which those data centers are located. Washington state and Arizona have particularly heavy water draws.

They're burning the modern Library of Alexandria, asserts an article from Jacobin. That's one way to describe the recent ruling of the Second Circuit US Court of Appeals against the Internet Archive (IA). The court sided with big-name publishers like Hachette, ruling that IA was violating copyright law with its online lending program. The decision nuked over five hundred thousand books from the IA lending library. The IA's National Emergency Library (NEL) was a remarkable nonprofit initiative launched in 2020 during the pandemic, offering vital access to books while people were separated from their friends, family, colleagues, recreational sites, bookstores, and libraries. The separation affected leisure readers as well as those who rely on book access for work, including public and private researchers. The emergency library was part of the IA's broader access program, the Open Library. The NEL, however, allowed more users to check out digital “copies” of books than they could under the more restricted Open Library rules. In essence, when the pandemic closed physical libraries, the IA threw open the doors of its digital library. Knowledge, after all, wants to be free.

Despite a deluge in hardware news at Apple's “It's Glowtime” iPhone 16 event, Apple didn't take any time to discuss repairability, according to an article from TechCrunch. It was a strange oversight, given the momentum that the right to repair movement has gained in recent years. A deeper dive after the event, however, has revealed several new iPhone 16 features designed to improve user access to device repair. The most interesting of the bunch is a new adhesive design that can be loosened by applying low voltage from a 9-volt battery. Glue has arguably been the biggest thorn in the side of DIY repairers. The thinner devices have become, the more manufacturers like Apple have grown dependent on the stuff in the place of screws.

NASA/JPL-Caltech

Currently, Voyager 1, launched September 5, 1977, is over 15 billion miles away, still communicating with Earth and providing valuable data from beyond the solar system's boundary, says an article from ecotias.com. However, this unprecedented longevity comes with challenges. The spacecraft's original design did not account for the extreme conditions it would face for decades. As a result, equipment degradation has been a persistent issue, possibly accelerated by space radiation. One significant problem was with the spacecraft's thrusters, crucial for maintaining its orientation and communication with Earth. Without functional thrusters, Voyager 1 would lose its ability to send data back to our planet. Among the numerous obstacles faced, the clogging of Voyager 1's thrusters has been particularly concerning. These thrusters are vital for keeping the spacecraft's High Gain Antenna pointed toward Earth, ensuring that it can receive commands and transmit data. The issue, caused by silicon dioxide buildup from the rubber diaphragm of the aging fuel tank, threatened to end the mission prematurely by compromising thrust generation and, consequently, orientation control. To address this critical problem, NASA engineers needed to think creatively. You'll have to read the article to find out how NASA engineers managed to resolve the issue.

Microsoft's Digital Crimes Unit (DCU) is disrupting the technical infrastructure used by a persistent Russian nation-state actor Microsoft Threat Intelligence tracks as Star Blizzard, says an article from a Microsoft blog entry. Today, the United States District Court for the District of Columbia unsealed a civil action brought by Microsoft's DCU, including its order authorizing Microsoft to seize 66 unique domains used by Star Blizzard in cyberattacks targeting Microsoft customers globally, including throughout the United States. Between January 2023 and August 2024, Microsoft observed Star Blizzard target over 30 civil society organizations – journalists, think tanks, and non-governmental organizations (NGOs) core to ensuring democracy can thrive – by deploying spear-phishing campaigns to exfiltrate sensitive information and interfere in their activities.

In August, a threat actor compromised the data of 77,099 Fidelity Investments customers in Maine, the financial firm said in a breach notification letter to thousands of customers on Oct. 9, according to an article from TechRepublic. An attacker snuck in by creating two new user accounts. Fidelity assures customers their investments aren't affected. The attacker didn't access funds in Fidelity investment accounts. However, the hacker obtained personal information — including Social Security numbers and driver's licenses — and created two new customer accounts. In response, Fidelity shut down the attacker's access and offered affected customers a credit monitoring and identity restoration service.

Mozilla, Firefox's developer, announced in a security advisory on October 9, 2024, that it had patched a “critical” flaw with the browser, according to an article from Lifehacker. The company says the issue, CVE-2024-9680, is a “use-after-free” flaw affecting Animation timelines. Use-after-free flaws occur when a system frees up memory, but a program continues to access it anyway. While this can result in general software issues, it also opens the door for bad actors to jump in. In this case, Mozilla confirms the flaw allows an attacker to “achieve code execution,” or run their own malicious code, through the exploit. What makes this particular flaw a critical issue is that it is a zero-day with an active exploit. A zero-day is a flaw discovered before the developer (Mozilla) has a chance to patch it. You can read Mozilla's announcement here.

According to an article from The Verge, The Internet Archive will come back within “days” following a cyberattack that brought down the organization's vast digital library and the Wayback Machine, says an update from founder Brewster Kahle. It's been struggling due to a data breach and DDoS attack during the first full week of October that revealed the email addresses, screen names, password change timestamps, and other information associated with more than 31 million unique email addresses. As of the time of this article's authorship (mid-October), The Internet Archive is back up.

Are you getting “app fatigue?” That's the issue that an article from The Atlantic takes a look at. These days, every Bob and his uncle seem to have their own dedicated mobile app. Do you want to take advantage of “in-app” only specials? You had better have the app installed. Do you want to get your food delivered? There's multiple apps for that, at least one for every service out there. Do you want to get your rewards from your favorite retailer? You had better use their app. Do you want to grab a ride from Uber or Lyft? There's an app for that (one for each service). If you have kids, there are probably more apps available to access school information for your kids than there are books in the schools (I personally have at least four different ones installed on my phone, as the school district keeps changing which ones they choose to use). The proliferation of dedicated apps is frustrating, overwhelming and maddening.

Hackers are leveraging AI to hack your Gmail accounts, according to a report from Forbes. The attack is very sophisticated, and could fool even seasoned users. In fact, the attack is very convincing, and very scary. You will definitely want to read the entire article on this one, and pay particular attention to how the hack plays out at all levels. To be forewarned is to be forearmed.

Newly uncovered emails reveal how Google and Amazon used their access to the Office of the US Trade Representative as they sought to undermine overseas regulations — including efforts to protect traditional media outlets, according to an article from the New York Post. In May 2023, Google tried to enlist the USTR in its fight to defeat or at least water down Canada's Online News Act, which took effect last December. The law requires Google and Facebook parent Meta to pay publishers for the right to display their content online. Meta exited Canada in response. That month, Google's head of trade policy Nicholas Bramble emailed three USTR staffers – senior director for services and digital trade Andrea Boron, deputy assistant trade representative Robb Tanner and director for Canada Randall Oliver – to request a meeting on “upcoming developments on Canada.”

Microsoft might be about to temporarily halt the rollout of its latest operating system update, Windows 11 24H2, for some users after reports of Blue Screen of Death (BSOD) errors emerged, according to an article from How-To-Geek. The issue appears to be linked to specific Western Digital SSDs and their interaction with the updated storage drivers in 24H2. The Windows 11 24H2 update includes new File Explorer features, an updated Copilot experience, Wi-Fi 7 support, expanded availability for Voice Clarity audio, and much more.

The MX Linux forum has been under a botnet DDOS attack for several days, the MX Linux forum self-reported on October 14, 2024. It's not the biggest botnet around, but it's big enough to cause our server to struggle to keep up with the requests the bots are making. From what we can tell, the bots are just “clicking” on random forum links. As part of the defense, a Cloudflare captcha is being utilized to access the forum. Users may see that captcha even if they are not logging in. It's annoying, but this has been recommended at least as long as the attack is ongoing. Other steps, such as IP address blocking, are being taken as well.

The Federal Trade Commission announced on October 16, 2024, a final “click-to-cancel” rule that will require sellers to make it as easy for consumers to cancel their enrollment as it was to sign up. Most of the final rule's provisions will go into effect 180 days after it is published in the Federal Register. “Too often, businesses make people jump through endless hoops just to cancel a subscription,” said Commission Chair Lina M. Khan. “The FTC's rule will end these tricks and traps, saving Americans time and money. Nobody should be stuck paying for a service they no longer want.”

Google has gotten a bad reputation as of late for being a bit overzealous when it comes to fighting ad blockers, according to an article from Lifehacker. Most recently, it's been spotted automatically turning off popular ad blocking extension uBlock Origin for some Google Chrome users. To a degree, that makes sense—Google makes its money off ads. But with malicious ads and data trackers all over the internet these days, users have legitimate reasons to want to block them. The uBlock Origin controversy is just one facet of a debate that goes back years, and it's not isolated: your favorite ad blocker will likely be affected next. Here are the best ways to keep blocking ads now that Google is cracking down on ad blockers.

Last October, 23andme announced they had been attacked. A bad actor used a tactic called credential stuffing, where they were able to gain access to 23andme accounts by utilizing the users' credentials from their other compromised accounts, according to an article from Lifehacker. (As a side note, this highlights the importance of using a unique password for each of your accounts.) Through this credential stuffing, this actor was able to obtain information from DNA Relatives, as the feature relies on sharing data with other users you are genetically related to. That includes information like the user's display name, predicted relationships, and percentage of DNA that user shared with their matches. It also includes a number of optional data points if the user opted-in to sharing them, such as location, profile picture, birth year, and a link to their family tree. To that last point, a number of user data was compromised through the Family Tree feature.

According to an article from Bloomberg News, fentanyl is ridiculously cheap and roughly 100 times more potent than morphine. Mexican cartels and other producers of illicit drugs add small amounts of it to cocaine, counterfeit versions of Adderall and other pills, methamphetamine and synthetic cannabis as an extremely cost-efficient filler that hooks customers. In slightly larger amounts — the equivalent of 10 to 15 grains of salt — it stops brain functions that regulate breathing. Fatal overdoses from fentanyl-laced drugs in the US and Canada have increased so rapidly over the past five years that some health officials classify it as an epidemic. Two years ago, JR Rahn had a thought: What if you could treat fentanyl tragedies like you would a traditional health epidemic? Could you create a fentanyl vaccine?

What was described as a “previously unknown” threat just three months ago has now prompted a third warning from the US government to update or stop using PCs, according to an article from Forbes. By exploiting old code buried under the covers of today's Windows systems, it has quickly become clear that “a significant percentage of Windows devices are fully exposed and at risk of being taken over by attackers.” The latest vulnerability is CVE-2024-43573, which the US cyber agency warns is “an unspecified spoofing vulnerability which can lead to a loss of confidentiality.” It has mandated all federal employees to “apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable” by October 29. In other words, update your PC, or stop using it until you can.

Colossal, the de-extinction and species preservation company, announced numerous breakthrough successes in all stages of the thylacine de-extinction effort that put the company much closer to returning the iconic thylacine to Australia, says an announcement from the company. Thylacines (more commonly known as the Tasmanian Tiger), which have been extinct since 1936 due to human depredation, are a keystone species that is vital to the healthy function of the Tasmanian ecosystem, but are also an ideal candidate for the Colossal mission. Given their relatively recent extinction, many thylacine specimens are exceptionally well-preserved, allowing Colossal and its collaborators to push the boundaries of ancient DNA science and create the genomic blueprints for the thylacine's return.

A typical large tree can suck as much as 40 kilograms of carbon dioxide out of the air over the course of a year. Now scientists at UC Berkeley say they can do the same job with less than half a pound of a fluffy yellow powder, according to an article from the Los Angeles Times. The powder was designed to trap the greenhouse gas in its microscopic pores, then release it when it's ready to be squirreled away someplace where it can't contribute to global warming. In tests, the material was still in fine form after 100 such cycles, according to a study published in the journal Nature.

Chemists at several universities, including the University of California, Riverside, looked at the process of photosynthesis, in which plants convert sunlight into the sugar they use to fuel their growth, and decided it may be too inefficient to keep up with the growing human demand for food, says an article from Gizmodo. In the journal Joule, they wrote that climate change and population growth are pushing humanity to develop better ways to grow crops that aren't dependent on the Sun. To that end, the team devised a new agricultural method, which they say bypasses conventional photosynthesis, and could be a part of the solution to the global problem of food insecurity.