Jump to content

All Activity

This stream auto-updates     

  1. Last week
  2. The Paris-based Financial Action Task Force (FATF) said on Friday jurisdictions worldwide will be required to license or regulate cryptocurrency exchanges and some firms providing encrypted wallets, to help stamp out the use of digital money for money laundering, terrorism financing or other crimes. Firms providing financial services for issuances of new cryptocurrencies - initial coin offerings - must also be subject to the rules, it said. Cryptocurrencies are digital tokens whose creators say they can be used as money without the backing of any country’s central bank. Until now, their regulation has defied global coordination and led to a patchwork of differing approaches by national governments. How countries implement the rules will be subject to periodic reviews by the watchdog, said its President Marshall Billingslea. Countries judged to be falling short could be added to an FATF blacklist that restricts access to the global financial system. “By June, we will issue additional instructions on the standards and how we expect them to be enforced,” he said. The first and most popular cryptocurrency is bitcoin, which has been followed by hundreds of others. The price of bitcoin soared 1,300 percent last year to a record of near $20,000 in December but has since plummeted. It was trading at around $6,390 on Friday afternoon. Extreme price volatility, along with regular thefts from exchanges, have vexed regulators. In the absence of global rules, countries have taken contrasting routes to taming the sector. Japan last year became the first to regulate cryptocurrency exchanges, while China and South Korea clamped down heavily on them. In Europe, several countries including France, Switzerland and Malta are looking at early-stage supervision by regulating initial coin offerings. Lawyers specialising in anti-money laundering welcomed the FATF move, but warned that challenges remain in tracing the true owner of cryptocurrencies. “You can put any name down for these coin exchanges, and it doesn’t have to be the ultimate beneficial owner,” said Kyle Phillips at law firm Howard Kennedy in London.
  3. Privacy advocates have plenty of questions about how data from buying marijuana online will be handled When Canadians go to buy their first grams of legal cannabis next week, many of them will do so through the internet, creating huge quantities of data as a side effect of their purchases. But with only one week until legalization, privacy advocates say they still have plenty of questions about how that data will be handled. And the answers could have serious ramifications: The United States still considers cannabis to be an illegal substance and concerns have been raised that Canadians could be blocked from travelling to the U.S. if customs officials find out that they have purchased the drug, or been involved in legalized production. Expect ‘long waits and limited selection’ on day one of weed legalization Cannabis stocks are the hottest game in town — here’s why we don’t invest in them “It’s going to be an issue, and it’s going to present problems and challenges in terms of how that data is used, how it’s protected,” said Matt Murphy, a former U.S. Drug Enforcement Administration agent who is now vice-president of compliance for Khiron Life Sciences, a Toronto-based cannabis company. “I’m not aware of much guidance relative to how that data is protected, how it’s used, how it’s stored. These are all interesting questions that I think we’re going to have to deal with — probably sooner rather than later.” Murphy downplayed the concerns about the U.S. going to great lengths to figure out who bought a gram of cannabis — he said they’re more worried about terrorists and illegal migrants — but he said that potential privacy breaches could affect people’s employment, or simply cause public embarrassment. Some key players in the industry are clearly thinking about privacy issues, but with 10 provinces with different distribution systems, and the inherent complexity of e-commerce, it’s difficult to fully understand who all will have access to private cannabis-related data, and how it will be protected. In a statement in late-September, the Ontario Cannabis Store said that it will take a “privacy by design” approach to online sales, which will be the only option available in the province until next year. “Only information required for completing the transaction will be collected: name, address, contact (phone/email) and payment information,” OCS spokesman Daffyd Roderick said in an email. “This information is used to process transactions, to verify the identity of the purchaser, to deliver and return products, to issue refunds, and to protect against error or fraud.” Roderick emphasized that data will be encrypted and stored in Canada. In a statement on the OCS website, the Crown corporation said that it will only retain data for the minimum amount of time required by law, and that the data will be held on servers in Canada. The OCS is working with Shopify to provide e-commerce services for cannabis, and Loren Padelford, vice-president and GM for Shopify Plus, said the company has built special systems to store customer data exclusively in Canada. “If that data is stored in our Canadian infrastructure, it is not being shared,” Padelford said. “Unless we are provided a court order by an entity that has jurisdiction over Shopify as a Canadian company, we will not be sharing this information with anybody.” But Padelford also gave an idea of the complexity of the situation. In addition to collecting enough identifiable information for verifying a customer’s age and delivering the drugs to them, there’s a complicated financial system to consider. Shopify routes payment information to “payment gateway” companies such as Stripe. “Stripe has all the relationships with the banks, the credit card companies, that’s what the payment processors do,” he said. ”They are the relationship with that side. So they take order information from us and process that with VISA and Mastercard.” Both VISA and Mastercard issued statements to the Financial Post downplaying the amount of customer data they have. “When cardholders use their cards, we don’t know who they are and do not have contact information — because we only see an account number,” Mastercard said. “We don’t know what they purchased; we simply know the total amount spent at a merchant on a particular date.” But anybody who’s ever looked at a credit card statement knows it also identifies individual retailers, which could identify the nature of the purchase. Neither VISA or Mastercard would say if Canadian customer data is stored on Canadian servers, or if it goes to data centres in the U.S. VISA said that it would not provide any customer information to law enforcement without “without proper judicial authority.” Brynne Moore, a spokesperson for Scotiabank, suggested that they won’t really be treating cannabis data any different from other financial information. “The safety and security of our customers and their accounts is a top priority for Scotiabank,” Moore said in an email. “We have policies in place to protect our customers’ privacy for all of their transactions with our bank, regardless of their nature.”
  4. If you’re travelling by plane in the United States any time soon, you may come across facial recognition technology to check in, drop off a bag, go through security and board your flight. U.S. Customs and Border Protection (CPB) has been using the technology to screen non-U.S. residents on international flights for a few years. But now the Transport Security Administration (TSA) is partnering with the CPB and rolling out facial recognition on domestic flights, too TSA said by using facial recognition technology, it hopes to speed up travel time for passengers and reduce the need for documents like passports and flight tickets. Currently, the TSA mainly relies on visually identifying travellers and verifying passports — but retina scan and fingerprint matching are slowly creeping into more U.S. airports. And now there are the facial scans. “It’s convenient, secure and efficient,” John Wagner, deputy executive assistant commissioner at U.S. Customs and Border Protection’s office of field operations told the Denver Post. “We just have to find better ways than lining everyone up and manually reviewing (documents).” Later this month, Delta Air Lines and the TSA are launching the first facial recognition terminal at Atlanta’s international airport that uses the technology to speed up the travel process by automating flight check-in, bag drop, ID verification and boarding a flight. Technology already caught an imposter It seems like the technology is already working. In August, facial recognition at an airport near Washington, D.C., helped catch a man attempting to enter the U.S. with false documents, according to U.S. Customs and Border Protection. A man travelling from São Paulo, Brazil, used a French passport as his identification at the Washington Dulles International Airport. But the facial recognition system flagged the man’s face as not matching the passport photo. Officers then searched the man and he grew “visibly nervous,” according to the CPB. Officers then found a Republic of Congo identification card concealed in his shoe. The facial recognition technology at Dulles Airport (where the man was caught) uses iPads at departure gates. This is how it works: a passenger gets his or her face scanned, then the image is compared with a gallery of photos pulled from the U.S. Department of Homeland Security, including passport or visa photos of all travellers on the flight. If the images match, the screen flashes green, and the person is allowed to board the flight. If the screen flashes red then the person may be pulled aside for additional screening. Privacy concerns According to the Denver Post, privacy advocates and civil libertarians are concerned about the devices’ accuracy and potential misuse of the information they collect. “Right now, there is very little federal law that provides any type of protections or limitations with respect to the use of biometrics in general and the use of facial recognition in particular,” Jeramie Scott, national security counsel for the Electronic Privacy Information Center said, which has filed Freedom of Information Act requests seeking details about the program. The American Civil Liberties Union (ACLU) has also criticized the technology citing discrimination and false matches. “Facial recognition software is easily tripped up by changes in hairstyle or facial hair, by aging, weight gain or loss, and by simple disguises,” the ACLU said in a statement. But the TSA does not agree and said it believes travellers will embrace the idea because of its “convenience.” “Travelers increasingly use biometrics, such as fingerprint and facial recognition, in their daily lives to access their mobile devices, apps, and accounts. As biometric usage continues to spread throughout the consumer market, popular perceptions have evolved to appreciate the convenience and security biometric solutions can offer in the commercial aviation sector,” the TSA said in a report. It also believes there is a demand for self-serve options that “minimize direct interaction with government and airline personnel.” China airport automates check-in with facial recognition China is also using facial recognition in its airports, raising privacy concerns as Beijing pushes to become a global leader in the field. Shanghai’s Hongqiao airport uses self-service kiosks for flight and baggage check-in, security clearance and boarding powered by facial recognition technology, according to the Civil Aviation Administration of China. Many airports in China already use facial recognition to help speed security checks, but Shanghai’s system, which debuted Monday, is being billed as the first to be fully automated.
  5. Companies including Sony have been doing their best to shut down developers who create Kodi add-ons that facilitate access to infringing content. Given this background, it's perhaps a little surprising that Sony Australia is recommending users of its Android TVs to download Kodi to access addons "that provide access to popular internet streaming media services." Despite always operating within the law, the team behind the popular Kodi media player have found themselves at the middle of huge piracy controversy. While a stock Kodi installation is entirely legal, millions of users install special third-party add-ons that grant access to huge libraries of infringing content. This isn’t recommended by the official Kodi team but there’s little doubt that most Kodi users now connect the media player with free movies, TV shows, and live sports. To counter this threat, the Alliance for Creativity and Entertainment – a coalition of 30 media giants including the MPAA, Netflix, Amazon, Disney, and Sony – has been targeting developers of third-party add-ons that provide access to infringing content. Many have stopped their activities following legal threats but the ecosystem remains lively and as a result, Kodi remains popular with the public. With this in mind, it’s perhaps a little surprising that Sony Australia is actively encouraging users of its range of Android-based smart TVs to install Kodi on their devices. As the image from Sony’s website shows, the company not only places Kodi in the number one spot for recommended Android TV apps, it highlights that “community-created addons” can be used to “provide access to popular internet streaming media services.” Kodi streaming addons are where it’s at… The hyperlink in Sony’s recommendation links to the official Kodi wiki which in turn links to official addons (which shouldn’t cause any legal issues) and unofficial repositories, which aren’t guaranteed to be problem-free by the Kodi team. However, the same page also offers a list of banned addons, which are mostly used to access infringing content. They can’t be downloaded or installed from the wiki page but they do provide a handy guide for users looking for an entry point into the darker parts of the Kodi world. At this point, it should be reiterated that stock Kodi is entirely legal and there’s nothing fundamentally wrong with Sony’s promotion of Kodi or legal addons. However, seeing Sony recommending Kodi’s ability to utilize third-party add-ons is somewhat of a surprise, given Sony’s efforts as part of ACE to discourage people from using those that infringe. Of course, that’s where the problem lies. The vast majority of users of Kodi and/or Sony’s TVs will not know which add-ons they are supposed to use and which ones are legal and which ones are not. That said, it’s almost inevitable that they’ll gravitate towards the ones offering the most exciting content, which means precisely the type of addon being targeted by ACE and by default, Sony Pictures. Still, if Sony is happy to recommend third-party Kodi add-ons to get the best out of its televisions, it must be confident that its customers will do the right thing. There are plenty of legal addons available but good luck to the layman when it comes to filtering them out.
  6. The U.S. Army recently asked high-tech defense firms for ideas on how to develop a non-lethal weapon capable of knocking out remote weapon stations on enemy vehicles without endangering nearby civilians. "The sociopolitical ramifications of collateral damage, especially the type of damage that can be inflicted with traditional anti-armor assets, have made it increasingly difficult for the dismounted soldier to engage lightly armored vehicles," according to an April 20 solicitation posted on www.sibr.gov, a government website for the Small Business Innovation Research (SBIR) program, which is designed to encourage small business to engage in federal research and development. Remote weapon stations, or RWS, are "often highly instrumented to provide vision, range finding as well as weapon stabilization," the solicitation states. "If the instrumentation can be blinded or the stabilization destroyed, they become far less dangerous to the dismounted soldier and the civilian population as a whole," it continues. "If the entire electronics of the RWS can be disrupted, even basic traversing and firing functions become disabled." The solicitation, which closed to submissions June 20, sheds new light on the Army's increased emphasis on electromagnetic and other non-kinetic weapons to give dismounted soldiers an edge on future battlefields in densely populated areas. In addition to enemy vehicles, weapons such as surface-to-air missiles systems that are placed near housing, hospitals, schools and other civilian structures make it more difficult for ground forces to engage them. "The ability to disable these targets in a manner that provides for very low collateral damage, with respect to civilian loss of life, would increase the effectiveness of the dismounted soldier in the modern, news-centric, politically charged environment," the solicitation states. The goal of the effort would be to develop a system that could be deployed by a single dismounted soldier in an urban setting, according to the solicitation. "The mechanism must be easy to deploy by an individual soldier and inexpensive enough that dismounted soldiers feel free to deploy them," the solicitation states. "The proposed mechanism must be able to be delivered in a payload weighing less than five pounds, and be effective in disabling or disrupting the intended component of the mechanized system in under 5 minutes." There is no timeline given, but the initial phase of the effort directs firms to "evaluate multiple non-kinetic-kill mechanisms that can provide either a mobility kill, defeat of a remote weapon station with a low collateral damage mechanism for leveling the playing field against mechanized assets." The Army is interested in prototypes that feature different modes that can be selected "prior to deployment in order to maximize their utility against various armored vehicles (ie. light vehicle vs. structure)," the solicitation states. The effort will also involve working with the Defense Department, the National Institutes of Justice and law enforcement agencies to develop guidelines for the use of these devices. "It is imperative that these mechanisms are not viewed as lethal to bystanders save for concerns of an accidental kinetic effect from the deployment itself," the solicitation states. "Evaluate the mechanism's utility versus its propensity for accidental collateral (property) damage."
  7. At next week's Euronaval exhibition in Paris, Saab will be unveiling the latest version of its Lightweight Torpedo (SLWT). Already ordered by Sweden and Finland, the compact submarine hunter/killer weapon is designed to be launched from a variety of sea and air platforms and is tailored to both blue water conditions and the complex environment of the shallow Baltic Sea. With increased tensions between Russia and NATO, as well as China's growing regional and global ambitions, anti-submarine systems are gathering interest at a level not seen since the Cold War. This is especially true in dealing with possible Russian incursions in the Baltic, which is notorious for its shallow water, variable salinity, temperature layers, complex seabed topography and the bewildering noise levels caused by heavy sea traffic. To deal with this ideal submarine hidey hole, Saab has been developing its SLWT system aimed at both the Swedish Royal Navy and global export markets. Though it can operate in the open sea, Saab says the new torpedo works best in dealing with littoral anti-submarine warfare. At first glance, the SLWT doesn't seem like much when compared with the huge torpedoes like the US Mark 48 and British Spearfish. It's only 2.85 m (9.35 ft) long, 40 cm (15.75 in) wide and weighs in at 340 kg (750 lb) soaking wet, but inside, it has a state-of-the-art, fully digital homing system that gives it a fire-and-forget and wire-guided capability. Small enough to be launched by submarines, surface ships, helicopters, airplanes, or from improvised launchers, the SLWT's electric pump jet powered by a lithium-based rechargeable battery can propel it at over 40 knots (46 mph, 74 km/h) and at depths of over 300 m (1,000 ft) for more than an hour. Additionally, the SLWT is an intelligent weapon. Operated either autonomously or by wire using a two-way data connection, the torpedo can pilot a preset search pattern or series of waypoints while scanning with its multi-beam active/passive sonar system. As it does so, it can adapt to changes in temperature and salinity, while its onboard computer can distinguish between rock outcroppings, wrecks, and active submarines as well as navigate around obstacles. Saab says that once engaged with a hostile craft, the SLWT can pursue, attack, and even break off and re-engage multiple times. It can even distinguish between submarines and active decoys and can work with other torpedoes to pen in a target. After pressing in its attack, the torpedo's PBX omnidirectional explosive warhead can deliver the fatal killshot. Another feature of the SLWT is that it can be ordered to abort an attack at any time or go into training mode. If it does so, the torpedo will not strike the target, but will veer off and activate a flotation mechanism, so it can be recovered and its onboard data studied for mission evaluation. "The SLWT project is going very well," says Stefan Sjögren, Programme Director, Lightweight Torpedoes at Saab. "We are in the process of finalizing the second demonstration torpedo with all the features as in the final product. We are bringing key advances in torpedo technology to SLWT, which translates into endurance, accuracy, and complete control." https://www.youtube.com/watch?v=LlXbG3cXJSc Source: Saab
  8. The sky’s the limit as the city of Calgary opens what it believes is the first testing area in Canada for drones, autonomous vehicles and other technologies. The city has set aside a 50-hectare site in its industrial southeast to offer airspace for an increasing demand from companies and educational institutions wanting to do mass tryouts of commercial drones. A downturn in the energy industry when oil prices took a free fall in 2014-15 spurred the development of geospatial sciences, said Patti Dunlop of Calgary Economic Development. Calgary Mayor Naheed Nenshi was on hand at a new testing facility for drones and other technologies, which the city says is the first of its kind in Canada. After a failed attempt, Nenshi managed to help get a drone airborne. The Canadian Press “There’s many companies that came out of the downturn that actually took their engineers, mathematicians and … transitioned into … another burgeoning technology,” she said. “Energy will always be our backbone but we are more than that.” Geographic information systems are designed to capture, store, analyze and manage spatial or geographic data. Mayor Naheed Nenshi said the Calgary testing site will be a boon to many sectors, including oil and gas, film and financial services. “We have a part of the city that is part of the endless prairie where there are no buildings, so the concept of the living lab, here, for the first time in Canada … really allows us to help these companies grow,” he said Friday at the official opening of the testing area. Nenshi gave an example of how new technology can be used in everyday life. “I had my roof damaged in a hailstorm. The insurance company was able to send a drone over my roof to look at the damage without having to send someone over to climb a ladder and have a look there.” Dunlop said a pilot project last year offering a test area within the city was so successful it led to the permanent site that opened Friday. “From what I know, nobody else has started doing this. There’s places in the United States that have testing, but in Calgary we’re the first municipality that’s allowing this type of testing to happen.” There are requirements companies have to meet to use the test centre. They include licensing fees, proof of $2 million in corporate liability insurance and a special flight operations certificate for drone technology.
  9. Earlier this month, Canadian telco regulator CRTC denied a controversial site blocking proposal put forward by the FairPlay coalition. This came as a major disappointment to Bell and Rogers, two of the main proponents of the plan, who are now trying to tackle various piracy issues through a revision of the Copyright Act. The Canadian Government is currently exploring if and how the current Copyright Act should be amended to better fit the present media landscape. One of the key issues is the compensation that artists receive for their work. This was also the focus of a hearing before the House Heritage Committee this week, at which Bell (BCE) and Rogers both made an appearance. The companies are Canada’s largest Internet providers, but both also have their own media branches. As such, they have an interest in copyright issues, which they made quite apparent during the hearing. Bell and Rogers called for several changes to the Copyright Act to address the piracy issue. Interestingly, the proposals were identical on many fronts, with both companies highlighting how piracy is causing millions in lost revenue. First up was Rob Malcolmson, Bell’s Senior Vice President of Regulatory Affairs. Instead of addressing artist compensation directly, he drew the focus to the “impact of organized content theft” instead. “This issue is fundamental to the topic the committee is studying because no matter what remuneration model you adopt, creators can never be fairly compensated if their work is being widely stolen,” Malcolmson said. He went on to cite a series of piracy statistics published in recent years, including the increased popularity of pirate streaming boxes, and the fact that more than a quarter of all Canadians are self-proclaimed pirates. To address this rampant “theft”, Bell presented three recommendations. The first is to criminalize online streaming of pirated material. This doesn’t mean that any end-users would end up in jail, but it should act as a deterrent for operators of pirate streaming sites and services. Bell’s second suggestion is to get the authorities and public officials actively involved in anti-piracy enforcement actions. The UK and US were cited as examples where local police and special units help to deal with piracy issues. “We recommend that the government should create and consider enshrining in the Copyright Act an administrative enforcement office and should direct the RCMP to prioritize digital piracy investigations,” Malcolmson notes. Finally, Bell also reintroduces the piracy blocking proposal of the Fairplay Canada Coalition. The CRTC denied this application earlier this month, noting that it lacks jurisdiction. This is something the government could change through an update of the Telecommunications Act. Alternatively, website blocking could be addressed by an update to the Copyright Act, which would make it easier for courts to issue injunctions against ISPs and other intermediaries. This would simplify site blocking, but could also apply to search engines, hosting companies and payment processors. “In addition, a new provision could be added to the Copyright Act that would apply more broadly to intermediaries such as ISPs, web hosts, domain name registrars, search engines, payment processors, and advertising networks,” Malcolmson said. Following Bell’s testimony, the committee’s attention moved to Pam Dinsmore, Vice-President Regulatory, Cable, at Rogers Communications. She also stressed the importance of addressing piracy, mentioning various statistics and the rise of online streaming in particular. Interestingly, Rogers’ proposals to deal with this problem show a lot of overlap with those put forward by Bell. For example, the company also suggests criminalizing online streaming. “The Act should make it a criminal violation for a commercial operation to profit from the theft and making available of rights holders exclusive and copyrighted content on streaming services. In our experience, the existing civil prohibitions are not strong enough to deter this kind of content theft,” Dinsmore said. Rogers also raised the site-blocking issue. Specifically, it should be easier for rightsholders to obtain injunctions against intermediaries in the piracy ecosystem. This includes ISPs, domain name registrars, search engines, and content delivery networks. “For example, a rights holder should be able to quickly obtain an order from a court to require an ISP to disable access to stolen content available on pre-loaded set-top boxes without concern that the operation of section 36 of the Telecommunications Act might impede this effort,” Dinsmore added. While none of these suggestions directly impact the compensation of artists, which was the topic at hand, Rogers did present an idea at the end. According to the company, section 19.3 of the Copyright Act could be updated to change the current 50/50 royalty split between artists and labels to 75/25, favoring the artists. Not all members of the Heritage Committee were impressed by the idea, which comes at the expense of the labels, with some asking what Rogers was willing to hand out itself. “Are you willing to give up some more money as you suggested the record label should?” Conservative MP Martin Shields said. When Dinsmore replied that she didn’t know what the mechanism for that would be, the MP replied: “It’s a little strange that you’re suggesting someone else to give up money, but not your company.” MP Randy Boissonnault, in particular, was not at all impressed by the telco’s proposals and stressed that the hearing was not the right venue to call for these changes. “Your submissions to this committee ring hollow and tin ear,” Boissonnault said, noting that they are too technical and not addressing the topic at hand. “This is the place where we’re advocating for artists. You said so in your submissions and yet what we see is – go after the ISPs – shut down the piracy. We get that, we know that.” Even if the claimed $500 million in lost subscriber revenue could be recouped, artists would still get the same size of the pie, the Liberal MP noted. “There’s nothing more that’s coming from your shareholders to go into the pockets of artists. So where’s the creativity from industry to put more money in the pockets of artists? Because you won’t have things to sell from Canada if we don’t support the artists and consumers.” While Bell and Rogers likely hoped for a different response, and may not get what they want out of this hearing, it’s clear that their push for tougher anti-piracy measures didn’t end at the CRTC earlier this month.
  10. Twenty-eight days. That's how long members of the RCMP and Toronto police have been ordered to abstain from smoking or vaping recreational pot before reporting for duty. Calgary police officers won't be allowed to use cannabis at all while off the job. Such prohibitions have sparked a growing firestorm, with the national association representing front-line officers calling the policies "offensive" and the union for Toronto cops describing the ban as "ill-contrived" and "arbitrary." But is demanding that Mounties and municipal police officers forego a soon-to-be legal substance for such a lengthy period justified, when there's no similar policy governing alcohol or potentially mind-altering prescription medications? That depends on how much a person consumes and how often, said Dr. James MacKillop, co-director of the Centre for Medicinal Cannabis Research at McMaster University. "So if you smoke today, within a few days it will be entirely out of your system because a single instance may be longer-lasting than alcohol but it still nonetheless will be metabolized and will be excreted," MacKillop said from Hamilton. "If a person is a regular, frequent user, then that window gets much longer because cannabis is what's called lipophilic, which means it's absorbed into the body's fat cells and then it leeches back out from the fat tissue into the bloodstream. And that's why it's also detectable in urine," he said. "So if a person's a heavy user, it may indeed be detectable for up to a month." MacKillop said a number of studies provide evidence of lingering effects of cannabis, including one that found reductions in cognitive performance in active pot users compared to non-users, which returned to normal levels with protracted abstinence. "It's not clear that any of those chronic effects on cognition persist after a person stops, but a 28-day washout period would be expected to eliminate virtually all of the cognitive consequences," he said. "That's a high bar, but optimal performance from the police or the military or airline pilots or other people in highly safety-sensitive jobs is very desirable. So it's hard for me to disagree with policies that prioritize safety." 'Super cautious' However, Rielle Capler, a researcher with the B.C. Centre On Substance Use, considers such lengthy periods of pre-work abstinence unreasonable based on how long the active psychoactive component of cannabis and breakdown products known as metabolites can affect the brain. "While the metabolites might still be present in the urine or blood that long, there is no connection to actual impairment," she said Friday from Vancouver. "Impairment with cannabis depends on the mode of use, how much you use and your tolerance," said Capler, who specializes in cannabis policy. "If you're inhaling it, the peak impairment is about one to two hours and the impairment dissipates after three to four hours. "If you're ingesting it, then you might start to feel impairment after an hour or two. It might peak at three or four hours, and be in your system for six to eight hours in terms of it having an effect," she added. "If you wanted to be super cautious and conservative, you could say no consumption eight hours before work." Capler maintains the police forces are creating a prohibition for a legal substance without the backing of scientific evidence, and that they should carefully examine the research literature on marijuana-induced impairment and revamp their policies based on the findings. Despite recreational cannabis being previously illegal, many Canadians have been toking or vaping the drug, she said. "And that's why we're changing the laws to coincide more with reality and not criminalize people for something that is happening. "We don't want anybody impaired on the job — that's very important, and I think that's always been important. "It doesn't become more important after Oct. 17."
  11. Parks Canada confirmed this week that marijuana can be consumed at its campsites — part of a policy of offering visitors a "consistent and predictable" experience at national parks across the country. "While Parks Canada campgrounds are public areas, the agency treats individual campsites as temporary domiciles for our visitors. For this reason, at Parks Canada campgrounds, consumption of cannabis will be permitted in campsites," spokesperson Marie-Hélène Brisson wrote in an email. In some provinces — British Columbia, Alberta, Ontario and Quebec, as well as Nunavut and the Northwest Territories — campers will be allowed to smoke marijuana on hiking trails, as long as those trails aren't within the campgrounds themselves. Marijuana won't be permitted in common areas within campgrounds, either — such as playgrounds, kitchen shelters, washrooms, parking areas or roads within Parks Canada's networks of parks, national historic sites, national marine conservation areas and historic waterways. Brisson said Parks Canada's approach to cannabis will be similar to its policy on the possession and consumption of alcohol. "As with alcohol, from time to time Parks Canada may implement specific prohibitions on consumption in specific campgrounds or at specific times of year as operational requirements arise, or in an effort to ensure that all visitors enjoy their stay," she wrote. Increased injury risks Parks Canada said campers should learn about local provincial, territorial or municipal laws on cannabis before bringing marijuana to a national park — and warned that marijuana impairment can increase the risk of serious injury from wilderness activities. "It is important to maintain environmental awareness and a clear mind when performing activities in Parks Canada's places to help prevent accidents, incidents or injury," Brisson wrote. Cannabis becomes legal for recreational use in Canada on Wednesday. Each province and territory is setting its own rules on pricing, the legal age for consumption, where marijuana can be purchased and where it can be smoked. The federal government has announced that Canadians also will be allowed to take up to 30 grams of cannabis with them on domestic flights. Transport Canada said that legal amount can be carried in either a checked bag or a carry-on. Flying high? While smoking is forbidden on commercial flights, there is no such ban on consuming marijuana in other, non-smokeable forms before landing. Asked about its policy, Transport Canada would only point to its rules regarding 'dangerous behaviour'. "Under the Aeronautics Act, behaviour that puts the safety of passengers or crew at risk on board an aircraft will continue to not be tolerated," wrote department spokesperson Marie-Anyk Côté in an email It remains illegal to transport cannabis outside of Canada, even to another jurisdiction where it's legal. Transport Canada is warning travellers about the laws by erecting signs at airports, ferry and cruise terminals, and at railway stations at exit points from Canada. The department also has been working with provinces and territories to install road signs near the border. So what would happen in the event that a Canadian domestic flight is diverted or forced to make an emergency landing in a U.S. jurisdiction where cannabis is still illegal? A government official, speaking on background, said that flight would either sit on the tarmac with the passengers aboard, or allow the passengers to disembark but limit them to a secure area until the issue with their flight is resolved and they are able to return to Canada. "In either case, the passengers would not technically be entering the U.S. unless they were to present themselves to a U.S. Customs and Border Protection officer and make the formal application to do so," the official said. Canada Post, meanwhile, is bracing for an increase in pot deliveries. It said that with its experience in delivering up to a million parcels a day — and with shipments of medical marijuana — it's ready to handle the volume. Proof of age will be required for all Canada Post pot shipments from licensed sellers, or those delivered to be picked up at a postal outlet. The postal service has been training staff in the run-up to legalization. "In preparation, we have been ensuring our employees understand the expectations in terms of proof of age, handling the product from pickup to delivery and how to deliver safely," Canada Post spokesperson Phil Legault said.
  12. If the rollout of legal recreational marijuana goes (more or less) smoothly this week, an Ottawa-based tech firm will be able to claim at least some of the credit. Canadian cannabis-fanciers are expected to log on in large numbers to buy the product online after it becomes officially legal one minute after midnight tonight. In four provinces, that online shopping experience will be shaped largely by a single company: Canadian e-commerce giant Shopify. The company was chosen to design the retail platform for online sales in Ontario, British Columbia, Prince Edward Island and Newfoundland and Labrador. Shopify's Vice-President and General Manager Loren Padelford laughed when asked whether he thinks he's joining the marijuana trade this week. "We're not the seller of the products," he said. "We're the facilitator of the technology. We give people the platform to sell whatever they want, as long as that's legal." Padelford points out that Shopify isn't in the business of selling marijuana — any more than it's in the business of selling clothing, or spa services, or any of the thousands of products now sold online using the company's e-commerce platform. Shopify's Vice-President and General Manager Loren Padelford: "We give people the platform to sell whatever they want, as long as that's legal." All the other elements of the online sales system appear to be in place. Distribution centres across the country are ready to go. In Ontario, for example, pallets of dried cannabis are stacked floor to ceiling in warehouses that look like home renovation stores. Even those who file their orders online at a minute past midnight will have to wait at least a few days for them to be filled and delivered. There is no same-day delivery. "That's a function of online sales in a lot of ways," said Padelford. "You've got to buy it first and it's got to get shipped to you." One potential wrench in the gears could be Canada Post itself: its workers are in the midst of contract negotiations and in a legal position to call a strike with 72 hours' notice. Mike Palecek, national president of the Canadian Union of Postal Workers, said the delivery of legal recreational cannabis by mail could be delayed as a result. "There is the potential that these negotiations will impact all mail delivery," Palecek told CBC News. "Canada Post has been struggling lately with a massive increase in parcels, not just from cannabis, but of course from the shift from retail to online shopping. "We've seen exponential growth in parcels and that is causing a whole number of questions that playing out at the bargaining table right now." Palacek said Canada Post is quite ready for recreational cannabis delivery and isn't expecting problems. "We've been delivering medical cannabis for years already. This is a service we already provide. "We are used to delivering parcels with age verification, with signature required, with all of these things, so we really don't expect to see anything different." The union, however, said it does expect to see an overall spike in the number of parcels being delivered by mail as the online recreational cannabis market ramps up. Canada Post spokesperson Phil Legault told CBC the carrier had continued to refine its approach to marijuana delivery since it first started carrying the medicinal product. "Awareness and training for our people has been ongoing across the country in the lead-up to October 17," Legault said. Shopify has been preparing for October 17 in its own way. The company has been working with medical cannabis for a few years, but "this lead up to cannabis legalization has been really going full tilt for about a year," Padelford said. Padelford added he is confident Shopify's tech is robust enough to handle the volume. "In combination with our data security and safety, our ability to handle large volumes is one of the things that makes Shopify so special ... we've been prepping our whole lives to handle large volumes of sales." Padelford acknowledges that Shopify probably will have more work to do on the online shopping experience after October 17. "Legalization is a process, not a single day," he said.
  13. https://i.postimg.cc/L6RTMbGh/images.jpg The RCMP are expecting to see their national forensic labs flooded with blood test requests over the next four years as Canada's new impaired driving laws mature. The force's National Forensic Laboratory Services operation (NFLS) receives bodily fluid samples, including blood and urine, that require forensic toxicology analysis to hold up in court. Bill C-46, in effect since Parliament passed it in June, introduced three new drug-related offences for drivers who have consumed drugs within two hours of driving. All of them require a positive blood test from a suspect before a Crown attorney can secure a conviction When RCMP Commissioner Brenda Lucki took over the top job earlier this year, she was warned those requests could increase 12-fold over the next four years. Waiting longer for samples is only going to increase court delays. "The RCMP estimates the volume of samples submitted to the NFLS for analysis and interpretation will increase to 6,400 by 2021-22, from the approximately 550 samples already submitted annually," notes Lucki's briefing book, obtained by CBC under access to information law. The national lab service receives forensic service requests from across Canada — except from Ontario and Quebec, which run their own public forensic laboratories for provincial and municipal investigations. Unlike the case of alcohol-impaired driving, which has seen an overall decline, "the number and rate for almost all drug-impaired driving violations has increased," notes the briefing book. "While the actual demand for forensic services and court support required for cases involving drug impaired driving is yet unknown, the RCMP anticipates a steady increase in drug impaired service requests over the next five years," said RCMP spokesperson Sgt. Marie Damian. Court concerns Kyla Lee, founder of the Canadian Impaired Driving Lawyers Association, said an increase in sample requests likely will cause more court delays. "That's going to be completely unmanageable for the RCMP labs," she said in an interview. "There's a significant wait time already for blood results in impaired driving investigations. If you increase 12-fold the number of cases that are being sent to the lab, you increase those delays 12-fold, and that has a huge impact on the administration of justice." The RCMP say that, between April and September of this year, the average turnaround time for a routine toxicology service request connected to impaired driving was 130 days. Both suspects and victims in impaired driving cases might have to wait longer to see where their cases stand if the RCMP labs are backed up, Lee said. "Waiting longer for samples is only going to increase court delays," she said. "Any time you have an issue where there's this long period of waiting, it raises certain kinds of scientific concerns about the reliability of the analysis and whether that analysis is viable as proof in court." Courtrooms across the country have been more conscious of delays since the Supreme Court of Canada's landmark Jordan decision in 2016, which set limits on the amount of time defendants should be expected to wait between charge and trial. Since then, hundreds of criminal cases have been tossed due to unreasonable delays. Robert Solomon, a law professor at Western University in London, Ont., and the national legal policy director for MADD Canada, said he expects to see an uptick in convictions. "I think the recent amendments for drug impaired driving will improve the apprehension rates, and (to) the extent you improve the apprehension rates, you discourage driving after drug use. So that's good," he said. So far, there's nothing to suggest requests for lab testing of samples gathered under the new law have started flooding in. During a media briefing earlier this month, government officials said they weren't aware of anyone having been charged with one of the new offences Solomon said law enforcement will be playing catch-up for quite some time. "There are inherent limitations ... fact is, we have no simple, fast, highly accurate way of screening large numbers of drivers for drugs. So there are technological limitations on our ability to enforce the law," he said. The RCMP closed their forensic labs in Halifax, Regina and Winnipeg in 2012 and consolidated labs in Edmonton, Vancouver and Ottawa. The closures were expected to save the federal government $3.5 million per year. iting longer for samples is only going to increase court delays," she said. "Any time you have an issue where there's this long period of waiting, it raises certain kinds of scientific concerns about the reliability of the analysis and whether that analysis is viable as proof in court." Courtrooms across the country have been more conscious of delays since the Supreme Court of Canada's landmark Jordan decision in 2016, which set limits on the amount of time defendants should be expected to wait between charge and trial. Since then, hundreds of criminal cases have been tossed due to unreasonable delays. Robert Solomon, a law professor at Western University in London, Ont., and the national legal policy director for MADD Canada, said he expects to see an uptick in convictions. "I think the recent amendments for drug impaired driving will improve the apprehension rates, and (to) the extent you improve the apprehension rates, you discourage driving after drug use. So that's good," he said. So far, there's nothing to suggest requests for lab testing of samples gathered under the new law have started flooding in. During a media briefing earlier this month, government officials said they weren't aware of anyone having been charged with one of the new offences Estimate called into question Damian said the RCMP based their 12-fold estimate on the experience in the United Kingdom. "After increasing the amount of police officers who were trained to recognize the signs and symptoms of drug-impaired drivers, the U.K. had a 12-fold increase in bodily fluid samples submitted for toxicological analysis," she said. Lee was quick to point out that the U.K. has a different legal system. "They don't have the same rules around searches and seizures and constitutional rights that we do," she said. In preparation, the RCMP plan to set up next year a department within the lab dedicated to drug-impaired driving investigations, and expect to hire 26 additional full time lab employees by the spring of 2021. Their training is expected to take 15 to 18 months. Lee said the force should have started the hiring process months ago. "Frankly, I think they've been dragging their heels," she said. Solomon said law enforcement will be playing catch-up for quite some time. "There are inherent limitations ... fact is, we have no simple, fast, highly accurate way of screening large numbers of drivers for drugs. So there are technological limitations on our ability to enforce the law," he said. The RCMP closed their forensic labs in Halifax, Regina and Winnipeg in 2012 and consolidated labs in Edmonton, Vancouver and Ottawa. The closures were expected to save the federal government $3.5 million per year.
  14. Earlier
  15. Wouldn't it be neat if there were a boat with three retractable wheels that allowed it to get in and out of the water on its own? Well there is, and it's made by New Zealand-based Sealegs. Now, the company has unveiled a new electric-drive model, the Electric E4. As is the case with Sealegs' other amphibious boats, the idea with the rigid-hulled inflatable E4 is that it can be driven short distances on land, going in or out of the water wherever there's a ramp or beach – no docks or trailer-launches are required. Once on the water, the wheels are retracted up and out of the way. While the Electric E4 still utilizes a 150-hp internal combustion outboard engine for aquatic propulsion, its wheels are equipped with brushless high-torque electric motors – buyers can choose between two- and three-wheel-drive setups. All of the motors are powered by a central 48-volt 7-kWh lithium battery pack, which is helped out by a regenerative braking system, an optional solar panel, and a step-up charger that draws power from the outboard motor while it's in use. Utilizing a traditional mains power source when the boat is on land, one four-to-five-hour charge is claimed to be good for up to 1.5 hours of drive time – the company says this should be about the same as 20 typical launches and returns. Measuring 7.3 meters long by 2.7 meters wide (23' 11" by 8' 10"), the E4 weighs in at 1,390 kg (3,058 lb) and can handle a maximum payload of 700 kg (1,543 lb). A top speed of 10 km/h (6 mph) is possible on land, with the craft reaching up to 74 km/h (46 mph/40 knots) on the water. Other features include a 24-inch touchscreen information/control panel, push-button wheel deployment/retraction, seating for up to eight people, and a sun lounger located in the bow. https://www.youtube.com/watch?v=VUwmF8MyfYw Source: Sealegs
  16. Of all the robots designed to induce cold sweats, a locomotive snake wiggling its way up a ladder might make you the chilliest. You can thank Japanese researchers at Kyoto University and the University of Electro-Communications for the video below, which shows the robotic serpent in action. It was presented at the International Conference on Intelligent Robots and Systems in Spain last week. Unlike its humanoid counterparts, which cover both cute and cuddly and demonic-looking variants, the smooth, black robot snake is controlled remotely by a PC and a Playstation controller. The machine appears to writhe as it scales the ladder. Researchers note that their scary creation moves by forming a series of basic shapes. Grooves similar to joints in a skeletal system, or pectinate muscles in the heart, allow it to shape-shift. Though it doesn't dazzle like MIT's Cheetah bot, the snake could prove useful in disaster relief efforts, especially when the terrain is rugged and first-responders can't access victims with jetpacks. The snake could ostensibly alert authorities to your location if you're ever trapped under a pile of rocks. Still, the snake doesn't bode well for your comfort when watching it wiggle up a ladder for the sake of experimentation. https://www.youtube.com/watch?v=t5UvFkt87NE
  17. In yet another move to replace humans, Boston Dynamics has introduced its Atlas robot to parkour. The Atlas is the same robot that can run to hunt down humans, do backflips over our cold dead bodies, and now navigate obstacles. Atlas feels appropriate as a name here since this thing will likely literally one day support the weight of the world on its lightweight 3D-printed robotic shoulders. The company says Atlas "uses the whole body including legs, arms and torso, to marshal the energy and strength for jumping over the log and leaping up the steps without breaking its pace." The steps are 40 centimeters high (about 1 foot, 4 inches) and Atlas uses computer vision "on the approach to hit the terrain accurately." Boston Dynamics calls the robot "the world's most dynamic humanoid" and it weighs 75 kilograms, or about 165 pounds. Basically what that means, and what you can see in the video, is that Atlas can shift its weight to leap over a log and then up on a three-tiered platform at speed using its 28 joints and hydraulic actuation. If Atlas scares you more than Boston Dynamics' Spot, that cute little dog that can open doors and walk itself, then congratulations, you're smart and maybe the robots will spare you for your healthy fear. And in case you want to invite the robots directly into your home, Boston Dynamics says it'll begin selling its SpotMini robot next year to companies that want a mechanical quadruped to go where wheels cannot. https://www.youtube.com/watch?v=LikxFZZO2sk
  18. How much data does Twitter collect when you click on links within its social network? We may eventually find out. The social network is under examination by the Data Protection Commission in Ireland, where the company has its European headquarters, Fortune reported Friday. The investigation was sparked by a complaint that Twitter may not be complying with strict new data privacy rules, known as GDPR, which kicked in across the European Union in May. The case is significant because it's the first time since the introduction of GDPR that a regulator has decided to investigate Twitter. Facebook and Google are already the subjects of multiple investigations in Europe. Under GDPR, internet users across the EU are allowed to ask companies what data is being collected about them, and the companies are obliged to tell them. But Michael Veale, Twitter user @mikarv and a researcher at University College London, claims that Twitter isn't playing ball. When you post a link to Twitter, the social network uses its own tool to shorten the link to keep track of popular articles or identify malware. But what -- if any -- other data does it collect on users when they click? Veale wants to know but said that Twitter has refused to tell him. The company said it would require disproportionate effort to supply him with the information he wants, according to Veale. "The user has a right to understand," Veale says. The Irish regulator sent Veale a letter Thursday, confirming that it's looking into his complaint and noting that the investigation will likely be handed off to the European Data Protection Board, a body set up specifically to examine potential GDPR violations. Representatives for Ireland's Data Protection Commission didn't immediately respond to a request for comment.
  19. Some of the most cutting-edge weapons in the US's military arsenal can be "easily hacked" using "basic tools", a government report has concluded. The Government Accountability Office (GAO) found "mission-critical" cyber-vulnerabilities in nearly all weapons systems tested between 2012 and 2017. That includes the newest F-35 jet as well as missile systems. Pentagon officials had no immediate response to the 50-page report from the Senate Armed Services Committee. The committee's members expressed concerns about how protected weapon systems were against cyber-attacks. The report's main findings were: the Pentagon did not change the default passwords on multiple weapons systems - and one changed password was guessed in nine seconds a team appointed by the GAO was able to easily gain control of one weapons system and watch in real time as the operators responded to the hackers it took another two-person team only one hour to gain initial access to a weapons system and one day to gain full control many of the test teams were able to copy, change or delete system data with one team downloading 100 gigabytes of information The GAO added that the Pentagon "does not know the full scale of its weapons system vulnerabilities". Ken Munro, an expert at security firm Pen Test Partners, said he was "not at all surprised" by the findings. "It takes a long time to develop a weapons system, often based on iterations of much older systems. As a result, the components and software can be based on very old, vulnerable code. "Developers often overlook 'hardening' the security of systems after they've got them operating, with the philosophy, 'it's working, so don't mess with it'. "However, that's no excuse. This report shows some very basic security flaws that could easily have been addressed by changing passwords and keeping software up-to-date."
  20. Friend or foe? A new Pentagon program wants to make insects that spread viruses to food crops to ensure food security, but scientists say the "Insect Allies" program is a biological weapon waiting to happen Can a task force of insects carrying genetically modified viruses save America's farms — or are they an uncontrollable bioweapon in the making? This is the debate swirling around a controversial new Pentagon research project called "Insect Allies." Funded by the Defense Advanced Research Projects Agency (DARPA), the project involves using gene-editing techniques like CRISPR to infect insects with modified viruses that could help make America's crops more resilient. If a cornfield were hit by an unexpected drought or suddenly exposed to a pathogen, for example, Insect Allies might deploy an army of aphids carrying a genetically modified virus to slow the corn plant's growth rate. According to the DARPA website, these "targeted therapies" could take effect in a single growing season, potentially protecting the American crop system from food security threats like disease, flooding, frost and even "threats introduced by state or non-state actors." [Biomimicry: 7 Clever Technologies Inspired by Nature] Members of the scientific community are skeptical. In a letter published today (Oct. 5) in the journal Science, a team of five scientists voiced concerns that the project could be easily exploited as a biological weapon — or at least be perceived as one by the international community. "In our opinion the justifications are not clear enough. For example, why do they use insects? They could use spraying systems," Silja Voeneky, a co-author of the letter and professor of international law at the University of Freiburg in Germany says."To use insects as a vector to spread diseases is a classical bioweapon." Blake Bextine, program manager for Insect Allies, is less concerned. "Anytime you're developing a new and revolutionary technology, there is that potential for [both offensive and defensive] capability," Bextine told The Washington Post. "But that is not what we are doing. We are delivering positive traits to plants… We want to make sure we ensure food security, because food security is national security in our eyes." Insect Allies is still in the early stages of development, and at least four U.S. colleges (Boyce Thompson Institute, Penn State University, The Ohio State University and the University of Texas at Austin)have received funding to carry out research. Bextine told The Washington Post that the project recently achieved its first milestone — testing whether an aphid could infect a stalk of corn with a designer virus that caused fluorescence. According to the Washington Post, "the corn glowed."
  21. On the eve of legalized recreational marijuana and concerns about supply shortage, one of Canada's largest producers believes automated machines will be the key to producing more cannabis. Leamington-based Aphria currently has supply agreements with every province and Yukon, boasting about plans to produce roughly 20,000 kilograms of marijuana a month by spring. As they expand their footprint to 3 million square feet, they're constantly looking at automation to reduce costs and maintain quality, said co-founder John Cervini. "It's what's made us the low-cost producer, helped us to maintain that low-cost producer status," he said during a recent tour of the facility. Robots and humans One part in the process of growing marijuana that Aphria said is almost ready to become automated is the beginning of the plant's life cycle. In a bright, white room with industrial equipment, there are three machines that have a claw-like arm hanging above a conveyer belt. This machine will use a robotic claw to gently place cuttings from Aphria's mother plants into trays to grow new plants. "This particular robot in front of us is placing cannabis cuttings into a fresh Rockwool cube to grow roots," said Cervini, who was showing the process with a video. Once the three machines are running, Cervini believes it will only take five days to process 250,000 cuttings, which grow to become plants. Currently, Cervini said six full-time employees can produce 15,000 cuttings a week — production levels that the three machines would be able to reach in three hours. Job losses from robotic gains? Aphria has between 400 to 500 employees and are constantly looking to hire more qualified people, said Cervini, and automation won't limit a growing workforce. "Honestly we don't see any actual job loss from the automation. What we're going to see is maybe some repurposing of jobs," he said. Using the automation of cuttings as an example, Cervini said the six to eight people now in charge of manual processing, and potentiality more, will be in charge of making sure those higher targets are reached with automation. Aphria is still weeks away from getting those machines running — but even after they're fully functional, the automated process won't be able to start until Health Canada gives them a green light. 'Ebb and flow' of Health Canada As Aphria anticipates those approvals, Cervini said the government body has been handling the legalization of an entire industry well. "You could see there was times when approvals took longer and then all the sudden approvals took less time, so there's been an ebb and flow of timing with Health Canada," he said. "If you look at what's been accomplished in a very short period of time in Canada around regulations for cannabis, I have to do nothing but commend Health Canada." He said the automation plans go beyond the cuttings process. The packaging and labelling aspects are also ready for automation, according to Cervini, as well as a trimming line currently staffed with about 12 people, which he envisions to be done by robotic arms in the future.
  22. A dark web drugs kingpin who was arrested last year when he arrived in the United States to compete in the World Beard and Mustache Championships has now been sentenced to 20 years in prison. On Tuesday, U.S. District Judge Robert N. Scola sentenced 36-year-old French national Gal Vallerius, aka "OxyMonster," after pleading guilty to conspiracy to possess with the intent to distribute controlled substances and conspiracy to launder money in June this year. According to a press release published by the U.S. Department of Justice, Vallerius was an administrator, senior moderator and vendor on Dream Market—one of the largest dark web marketplaces for illegal narcotics and drug paraphernalia. Launched in November 2013, Dream Market began operating on the TOR "dark web" network and was designed to make it easier for people to anonymously buy and sell illegal items and services in exchange for Bitcoin and other peer-to-peer cryptocurrencies. Vallerius initially started as a simple vendor of OxyCodone and Ritalin in Dream Market, but later he was employed by the dark web drug marketplace founders as a senior moderator and website administrator between May 2015 and August 2017. Vallerius was arrested by U.S. authorities on August 31, 2017, upon landing at Atlanta International Airport from his base in France to attend a worldwide beard competition in Austin, Texas. After his arrest, US authorities found a laptop which confirmed Vallerius' login credentials for Dream Market and uncovered roughly $500,000 worth of bitcoins and a PGP encryption key entitled OxyMonster, verifying his identity on the dark web marketplace. Vallerius also ordered to forfeit more than 121 units of bitcoin cash and nearly 100 bitcoins (totals more than $700,000) after pleading guilty before Judge Scola on Tuesday. The 20-year prison sentence Vallerius received is half the maximum amount of jail time a judge could have handed him. Vallerius is also cooperating with U.S. authorities, which could further be reduced his jail period. Vallerius is the second dark web marketplace admin to face a prison sentence in the U.S. this month. Last week, Irish man Gary Davis aka Libertas, a former Silk Road site administrators and forum moderators pleaded guilty to drug trafficking charges that carry a maximum prison sentence of 20 years.
  23. The news comes weeks after another high-profile data breach rocked the company. On Monday morning Facebook announced Portal, a new hardware component similar to an iPad that allows people to video chat with friends via the social network. As a video released by the company explains, a roving camera built in to the device can track your movements to ensure you're in frame during a conversation. You know, exactly the kind of thing any reasonable person would be enthused to purchase from Facebook right now. The product's debut comes in the wake of myriad high-profile scandals that have dogged Facebook this year. Only weeks ago, the company confirmed a security breach by hackers affected 50 million accounts. A day prior, reporting from Gizmodo detailed the company's invasive advertising practices. In April, the Cambridge Analytica data-mining crisis saw Mark Zuckerberg grilled by the United States Senate over a tense and highly publicized two days in Washington DC. Unlike everything else offered by Facebook, Portal and its larger counterpart Portal+ can be yours for a price, at $199 and $349, respectively. Portal's rollout speaks to the company's ambition to trade in hardware in addition to web content. It draws parallels to Facebook's ill-fated partnership with HTC, which twice delivered to market smartphones with baked-in Facebook apps. (Zuckerberg promised Facebook phones would be a very big thing in 2011, but you're not holding one now, are you?) Portal comes with an AI-enabled smart camera and sound, with Amazon's Alexa serving as its home assistant. The company ensures that Portal's cameras run locally and not on Facebook's servers. "Portal conversations stay between you and the people you’re calling," the company says. Users can also disable Portal's microphone or physically shutter its camera in the Zuckerberg style. In other words, Facebook maintains that your data will remain yours—which you have every reason to take as a cold comfort. In a world already full of video chat apps and home assistance, Facebook's addition is late to the party and and arriving with awkward timing given the company's past year of PR nightmares. And that's to say nothing of Facebook's business model syphon your data for the sake of advertising revenue when it's not leaking that data to outside sources. On top of all that, Portal is sure to add fire to the common (but mostly unfounded) conspiracy theory that Facebook's app eavesdrops on conversations to target people with ads. But if you're still using Facebook in spite of all that's been unfolding, maybe it actually makes sense to just dive all the way in. Source: Facebook
  24. An Irish national who helped run the now-defunct dark web marketplace Silk Road pleaded guilty on Friday to drug trafficking charges that carry a maximum sentence of 20 years in prison. Gary Davis, also known as Libertas, was one of Silk Road's site administrators and forum moderators for Silk Road, then-largest underground marketplace on the Internet used by thousands of users to sell and buy drugs and other illegal goods and services. Silk Road went down after the law enforcement raided its servers in 2013 and arrested its founder Ross William Ulbricht, who has been sentenced to life in prison after being convicted on multiple counts related to the underground drug marketplace. The FBI also seized Bitcoins (worth about $33.6 million, at the time) from the website. Those Bitcoins were later sold in a series of auctions by the United States Marshals Service (USMS). According to a press release published by US Department of Justice, Davis helped the black market website "run smoothly" and provided "customer support" to Silk Road users for assisting them with their buyer or seller accounts on the site for several months in 2013. Davis kept Ulbricht and other site administrators informed about any issues reported by Silk Road users and received a weekly salary for this job. Davis was arrested in Ireland in January 2014 and indicted by U.S. federal prosecutors in 2013. He fought extradition in Irish courts, arguing that incarceration in the U.S. could hurt his mental health and endanger his life, violating his fundamental rights. However, Ireland's Supreme Court rejected Davis' arguments, and he was extradited to the United States in July 2014. "Silk Road was a secret online marketplace for illegal drugs, hacking services, and a whole host of other criminal activity," Manhattan U.S. Attorney Geoffrey S. Berman said in a statement. "As he admitted today, Gary Davis served as an administrator who helped run the Silk Road marketplace. Davis's arrest, extradition from Ireland, and conviction should send a clear message: the purported anonymity of the dark Web is not a protective shield from prosecution."Prosecutors said Silk Road was responsible for selling more than $200 million worth of illegal drugs and other contraband. Davis pled guilty to one count of conspiring to distribute massive quantities of narcotics, facing a maximum of 20 years in prison. He is expected to be sentenced on 17 January 2019 by Judge Furman.
  25. A media report today revealed details of a significant supply chain attack which appears to be one of the largest corporate espionage and hardware hacking programs from a nation-state. According to a lengthy report published today by Bloomberg, a tiny surveillance chip, not much bigger than a grain of rice, has been found hidden in the servers used by nearly 30 American companies, including Apple and Amazon. The malicious chips, which were not part of the original server motherboards designed by the U.S-based company Super Micro, had been inserted during the manufacturing process in China. The report, based on a 3-year-long top-secret investigation in the United States, claims that the Chinese government-affiliated groups managed to infiltrate the supply chain to install tiny surveillance chips to motherboards which ended up in servers deployed by U.S. military, U.S. intelligence agencies, and many U.S. companies like Apple and Amazon. "Apple made its discovery of suspicious chips inside Supermicro servers around May 2015, after detecting odd network activity and firmware problems, according to a person familiar with the timeline," the report said. "Since the implants were small, the amount of code they contained was small as well. But they were capable of doing two very important things: telling the device to communicate with one of several anonymous computers elsewhere on the internet that were loaded with more complex code; and preparing the device’s operating system to accept this new code." The chips suspected to have been added to help Chinese government spy on American companies and their users—basically a "hardware hack" that according to the publication is "more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get." "Depending on the board model, the chips varied slightly in size, suggesting that the attackers had supplied different factories with different batches," the report said. The publication claims that Apple and Amazon found these chips on their server motherboards in 2015 and reported it to US authorities, though both Apple and Amazon strongly refute the claims. Apple, Amazon, and Super Micro Refute the Bloomberg Report Apple told Bloomberg that the company has never found malicious chips, "hardware manipulations," or vulnerabilities purposely planted in any of its servers, or it "had any contact with the FBI or any other agency about such an incident." Apple ended its relationship with Super Micro in 2016. To its best guess, Apple said that the Bloomberg reporters confused their story with a previously-reported 2016 incident in which the company found an infected driver on a single Super Micro server in one of its labs. "While there has been no claim that customer data was involved, we take these allegations seriously, and we want users to know that we do everything possible to safeguard the personal information they entrust to us," Apple says. "We also want them to know that what Bloomberg is reporting about Apple is inaccurate." Amazon also says it is "untrue" that the company knew of "a supply chain compromise," or "servers containing malicious chips or modifications in data centers based in China," or that it "worked with the FBI to investigate or provide data about malicious hardware." Meanwhile, Supermicro and Chinese Ministry of Foreign Affairs have also strongly denied Bloomberg's findings.
  26. The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and has previously launched attacks against a number of media organizations, aerospace, financial and critical infrastructure sectors across the world. The group had also reportedly been associated with the WannaCry ransomware menace that last year shut down hospitals and big businesses worldwide, the SWIFT Banking attack in 2016, as well as the Sony Pictures hack in 2014. Now, the FBI, the Department of Homeland Security (DHS), and the Department of the Treasury have released details about a new cyber attack, dubbed "FASTCash," that Hidden Cobra has been using since at least 2016 to cash out ATMs by compromising the bank server. FASTCash Hack Fools ATMs into Spitting Out Cash The investigators analyzed 10 malware samples associated with FASTCash cyber attacks and found that attackers remotely compromise payment "switch application servers" within the targeted banks to facilitate fraudulent transactions. Switch application server is an essential component of ATMs and Point-of-Sale infrastructures that communicates with the core banking system to validate user's bank account details for a requested transaction. Whenever you use your payment card in an ATM or a PoS machine in a retailer shop, the software asks (in ISO 8583 messages formats) the bank's switch application server to validate the transaction—accept or decline, depending upon the available amount in your bank account. However, Hidden Cobra attackers managed to compromise the switch application servers at different banks, where they had accounts (and their payment cards) with minimal activity or zero balances. The malware installed on the compromised switch application servers then intercepts transaction request associated with the attackers’ payment cards and responds with fake but legitimate-looking affirmative response without actually validating their available balance with the core banking systems, eventually fooling ATMs to spit out a large number of cash without even notifying the bank. "According to a trusted partner's estimation, HIDDEN COBRA actors have stolen tens of millions of dollars," the reports says. "In one incident in 2017, HIDDEN COBRA actors enabled cash to be simultaneously withdrawn from ATMs located in over 30 different countries. In another incident in 2018, HIDDEN COBRA actors enabled cash to be simultaneously withdrawn from ATMs in 23 different countries."Hidden Cobra threat actors are using the FASTCash scheme to target banks in Africa and Asia, though the U.S. authorities are still investigating the FASTCash incidents to confirm whether the attack targets banks in the United States. How Attackers Managed to Compromise Banks’ Switch Application Servers Though the initial infection vector used to compromise Bank networks is unknown, the U.S. authorities believe that the APT threat actors used spear-phishing emails, containing malicious Windows executable, against employees in different banks. Once opened, the executable infected bank employees' computers with Windows-based malware, allowing hackers to move laterally through a bank’s network using legitimate credentials and deploy malware onto the payment switch application server. Though most compromised switch application servers were found running unsupported IBM Advanced Interactive eXecutive (AIX) operating system versions, investigators found no evidence that attackers exploited any vulnerability in AIX operating system. US-CERT recommended banks to make two-factor authentication mandatory before any user can access the switch application server, and use best practices to protect their networks. US-CERT has also provided a downloadable copy of IOCs (indicators of compromise), to help you block them and enable network defenses to reduce exposure to any malicious cyber activity by the Hidden Cobra hacking group. In May 2018, the US-CERT also published an advisory alerting users of two different malware—Remote Access Trojan (RAT) known as Joanap and Server Message Block (SMB) worm called Brambul—linked to Hidden Cobra. Last year, the DHS and the FBI also issued an alert describing Hidden Cobra malware Delta Charlie—a DDoS tool that they believed North Korea uses to launch distributed denial-of-service attacks against its targets. Other malware linked to Hidden Cobra in the past includes Destover, Wild Positron or Duuzer, and Hangman with sophisticated capabilities, like DDoS botnets, keyloggers, remote access tools (RATs), and wiper malware.
  27. The Canada Revenue Agency, the RCMP, Statistics Canada and more than a dozen other federal departments and agencies have failed an international test of the security of their credit card payment systems. Altogether, half of the 34 federal institutions authorized by the banking system to accept credit-card payments from citizens and others have flunked the test — risking fines and even the revocation of their ability to accept credit and debit payments. Those 17 departments and agencies continue to process payments on Visa, MasterCard, Amex, the Tokyo-based JCB and China UnionPay cards, and federal officials say there have been no known breaches to date. These institutions all fell short of a global data-security standard launched in 2006 that's meant to foil fraud artists and criminal hackers bent on stealing names, numbers and codes for credit and debit cards. "A security violation on a department's databases would have a terrible effect on the government's reputation and public trust which will have a long-term effect on the stewardship functions of government," says a June 7 briefing note. "Departments may be subject to fines, card replacement costs or incur costly forensic audits. Moreover, a payment processor may suspend and revoke the privilege to accept payment cards, or increase transaction processing fees." Main culprit? A document obtained from the deputy minister of Public Services and Procurement Canada (PSPC), under the Access to Information Act suggests the main culprit is Shared Services Canada (SSC), the federal IT agency created in 2011 that operates and maintains data systems for 13 of the 17 non-compliant institutions. Eleven of the 13 SSC clients who fell short of the credit card security standard say the agency itself has not fixed the security problems. "Based on the latest information, all 13 departments which are supported by SSC are considered to be non-compliant, of which 11 have indicated SSC IT systems related problems as the largest contributing factor," says a Public Services letter to the head of cyber and IT security at Shared Services. "As such, we need to understand how SSC intends to support these non-compliant departments." The institutions that failed the credit card security checks are: Health Canada, RCMP, Industry Canada, Transport Canada, National Research Council, Canada Border Services Agency, Natural Resources Canada, Immigration Refugees and Citizenship, Statistics Canada, Fisheries and Oceans, Canada Revenue Agency, Canada Food Inspection Agency and Library and Archives Canada, all of which depend on SSC for their IT. I think the [data security] standard that government departments should be held to is higher than this. The Library of Parliament, National Defence, the National Film Board of Canada and the Canadian Centre for Occupational Health and Safety are also non-compliant, but are responsible for the security of their own IT systems. The global standard is known as PCI DSS, for "Payment Card Industry Data Security Standards." It was established by five of the big credit-card firms. Federal departments must self-assess against the standard annually. The Receiver General for Canada, a unit of PSPC responsible for, among other things, ensuring departments are compliant, inspects the self-assessment reports for problems. The Receiver General also hired the accounting firm Deloitte to review results and recommend fixes, and hired TELUS to validate the self-assessment questionnaires. "To our knowledge there have not been any issues and no departments have had their privilege revoked as a result of non-compliance," said PSPC spokesperson Rania Haddad. "If the independent security assessor [TELUS] were to flag any concerns of medium or high risk of a breach of privacy, PSPC would consider revoking payment card privileges. No such signal has been given to date and no department has had their privilege revoked." The Receiver General has been pushing Shared Services Canada to "take a more leading role" in meeting the global standards for its clients, says the briefing material. A spokesperson for Shared Services laid some of the blame on the more than 700 small data centres it inherited in 2011, when the agency was created to assume IT responsibilities across government. SSC has closed 155 of those centres and established three modern data centres, but still struggles with legacy data-processing systems that are aging and inefficient, said Monika Mazur. "We have identified approximately 12 to 15 per cent of applications that are non-compliant with the [security] standard, which we are working to address with our customers," she said. "Shared Services Canada is also coordinating vulnerability scans and penetration tests to further improve compliance and security of card holder data." Months to discover A 2018 global report by the telecommications firm Verizon said 68 per cent of data breaches took months to discover, and were often first reported by a third party. A data expert at Queens University in Kingston, Ont., calls the PCI DSS standard a "limited instrument" and "blunt tool." "It's one of those standards that hovers between something useful and security theatre," said David Skillicorn, a professor in the school of computing. "There's no reason why you shouldn't meet the standard. I think the standard that government departments should be held to is a lot higher than this."
  1. Load more activity