AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets – April 23, 2019

Puzzlomaly is a death metal album that sounds like others from the genre: it’s filled with screeching vocals, bludgeoning beats and dizzying guitar solos. However, the record – which you can listen to on Bandcamp or in the widget below – wasn’t produced by actual musicians. Rather, it was created by a pair of technologists, CJ Carr and Zack Zukowski, using a deep a deep learning algorithm they created. It listened to an actual record – Psyopus’ Ideas of Reference in this case – 29 times over several days before recreating an approximated version that captures the musical elements of the original. The results are not wholly human. The vocals are distorted, the rhythm is way too aggressive, even by metal standards, and there is no pause for a breather. But for a casual, untrained listener of metal music like me, the music is pretty convincing.


2 A hotspot finder app exposed 2 million Wi-Fi network passwords

A popular hotspot finder app for Android exposed the Wi-Fi network passwords for more than two million networks. The app, downloaded by thousands of users, allowed anyone to search for Wi-Fi networks in their nearby area. The app allows the user to upload Wi-Fi network passwords from their devices to its database for others to use. But that database of more than two million network passwords, however, was left exposed and unprotected, allowing anyone to access and download the contents in bulk. Sanyam Jain, a security researcher and a member of the GDI Foundation, found the database and reported the findings to TechCrunch.


3 Patient PII exposed in leak of Pennsylvania-based rehab center records

A trove of personally identifiable information on patients at an addiction treatment center in Pennsylvania has been left in an insecure database, potentially exposing those people to identity theft. Patient names, their rehab care provider, and specific procedures they received were among the information sitting in a database that didn’t require authentication for someone to access, according to Justin Paine, the security researcher who made the discovery. Taking a tiny sample size of the nearly 5 million rows of data that he found, Paine roughly estimated that over 146,000 unique patients could be affected by the data leak. He emphasized, however, that it is “entirely possible” that the sample was not representative of the full dataset.


4 DHS wants to use facial recognition on 97 percent of departing air passengers by 2023

The Department of Homeland Security in a report released Wednesday said that it is aiming to use facial recognition technology on 97 percent of departing air passengers within the next four years. Customs and Border Protection (CBP), which is a part of Homeland Security, said that it believes it can implement facial recognition technology in airports across the country by 2023 by partnering with airports and airlines, which help the agency deploy cameras to capture peoples' faces. CBP has been implementing this program, which photographs passengers at their airport gates before they board their flights, in 2017. By 2018, the agency had unveiled the program at 15 U.S. airports.


5 “Anyone relying on LIDAR is doomed,” Elon Musk says

Today at Tesla’s first Autonomy Day event, Elon Musk took questions from the press but didn’t have time for questions about Lidar. Historically, he’s been vocal about the technology, and this time he put it as clear as he could. “LIDAR is a fool’s errand,” Elon Musk  said. “Anyone relying on LIDAR is doomed. Doomed! [They are] expensive sensors that are unnecessary. It’s like having a whole bunch of expensive appendices. Like, one appendix is bad, well now you have a whole bunch of them, it’s ridiculous, you’ll see.” The topic was brought up by a question about if Tesla’s  just-revealed self-driving hardware could handle input from LIDAR.


6 Windows 7 Now Showing End of Support Warnings

Microsoft has started to display alerts in Windows 7 stating that the operating system will reach end of support on January 14, 2020. This alert links to a page that then recommends users upgrade to Windows 10. On January 14th, 2020, Windows 7 will officially reach end of support and Microsoft will no longer offer free security updates and technical support for the operating system. As we reported in March, in order to notify users of this impending date, Microsoft had started pushing the KB4493132 update that would be used to display alerts starting on April 18th, 2019 and running through January 15th, 2020.

Related Posts