Apple delivers a new redesigned Maps for all users in the United States



Maps helps hundreds of millions of people in over 200 countries navigate and explore the world. It’s everywhere customers are: at home, in the office, on the go on users’ iPhone, iPad, Mac and Apple Watch, and in the car with CarPlay. Privacy is central to the Maps experience, offering personalized features created using on-device intelligence. Maps is deeply integrated into the most popular apps customers use every day, including Photos, Messages, Calendar, Weather and more. With MapKit and MapKit JS, Maps is also the foundation for many popular third-party apps and services like Instagram, Bank of America and Nike Run Club.

Building on the new map, iOS 13 introduced many new features that help users navigate and explore the world with a simple tap. 

Explore Major Cities with Look Around

Maps offers interactive street-level imagery with high-resolution, 3D photography and smooth and seamless transitions through major cities with Look Around. Customers from anywhere in the world can navigate through New York City, the San Francisco Bay Area, Los Angeles, Las Vegas, Houston and Oahu, with many more places to come.



Exonerated: Charges dropped against pentesters paid to break into Iowa courthouse


Three-story courthouse with corner gables.
Enlarge / The Dallas County Courthouse in Adel, Iowa.

Prosecutors have dropped criminal charges against two security professionals who were arrested and jailed last September for breaking into an Iowa courthouse as part of a contract with Iowa’s judicial arm.

The dismissal, which was announced on Thursday, is a victory not only for Coalfire Labs, the security firm that employed the two penetration testers, but the security industry as a whole and the countless organizations that rely on it. Although employees Gary DeMercurio and Justin Wynn had written authorization to test the physical security of the Dallas County Courthouse in Iowa, the men spent more than 12 hours in jail on felony third-degree burglary charges. The charges were later lowered to misdemeanor trespass.

The case cast a menacing cloud over an age-old practice that’s crucial to securing buildings and the computers and networks inside of them. Penetration testers are hired to hack or break into sensitive systems or premises and then disclose the vulnerabilities and techniques that made the breaches possible. Owners and operators then use the information to improve security.

“I’m very glad to hear this,” said a professional pentester when I told him the charges were dropped (he prefers to use only his handle: Tink). “Clients and security firms have an obligation to protect their pentesters and consultants. Pentesters are not criminals. Pentesters help organizations protect against criminals.”

Attempts to reach Dallas County Attorney Charles Sinnard after hours were unsuccessful. DeMarcurio and Wynn declined to speak with me.

Get out of jail free

DeMercurio and Wynn were arrested in the early hours of September 11 after a dispatcher with the Dallas County sheriff’s department observed the men wandering through the closed county courthouse with dark backpacks. When sheriff’s deputies confronted the men shortly afterward, they produced a letter—known as a get-out-of-jail-free card in pentesting parlance—that said they had been hired by Iowa’s State Court Administration to assess the security of its physical and network security. Deputies were friendly and interested as DeMercurio and Wynn explained how they used a lock-picking device to bypass a locked front door.

When Sheriff Chad Leonard arrived on the scene, things took a decidedly more adversarial tone. Leonard said he was unaware of any such arrangement and, furthermore, he said the State Court Administration lacked the authority to permit the after-hour entry of county property. The pentesters spent more than 12 hours in the county jail until they were released on $100,000 bail ($50,000 for each). In the days to follow officials discovered that the pentesters had also performed physical penetration tests on the Polk County Courthouse and Judicial Building.

The turf war between Dallas County and state officials was only one of the things complicating the case. The other issue was the legal agreement Coalfire signed with the State Court Administration. The full agreement was broken into three separate documents that contained confusing and contradictory terms describing the work to be performed. An initial service order outlined a plan to conduct “Physical Attacks” against the Dallas County courthouse and two other buildings, but in later forms, the pentesting activities were described as “Social Engineering.” There was also conflicting language about whether the pentesters were authorized to use lock-picking gear and whether they were permitted to test physical security after hours.

After learning of the pentesting contract, Dallas County Attorney Charles Sinnard reduced the charges, but despite there being no support for criminal intent, he continued to prosecute the two men. In a statement Coalfire issued on Thursday, officials wrote:

Following discussions between representatives of Coalfire, the Dallas County Sheriff and the Dallas County Attorney, it was the decision of the Dallas County Attorney to dismiss trespass charges against the Coalfire employees. It is clear that on September 11, 2019 it was the intention of the Dallas County Sheriff to protect the citizens of Dallas County and the State of Iowa by ensuring the integrity of the Dallas County Courthouse. It was also the intention of Coalfire to aid in protecting the citizens of the State of Iowa, by testing the security of information maintained by the Judicial Branch, pursuant to a contract with State Court Administration.

Ultimately, the long-term interests of justice and protection of the public are not best served by continued prosecution of the trespass charges. Those interests are best served by all the parties working together to ensure that there is clear communication on the actions to be taken to secure the sensitive information maintained by the Judicial Branch, without endangering the life or property of the citizens of Iowa, law enforcement or the persons carrying out the testing. It is the hope of Dallas County and Coalfire that the Judicial Branch will work with them so that any issues carrying out such vital testing can be avoided in the future.

Coalfire CEO Tom McAndrew added, “With positive lessons learned, a new dialogue now begins with a focus on improving best practices and elevating the alignment between security professionals and law enforcement. We’re grateful to the global security community for their support throughout this experience.”

In a statement, DeMercurio and Wynn’s attorney said:

Mr. Wynn and De Mercurio are relieved that the accusations have been dismissed but are frustrated with the entirety of the process. Law enforcement and prosecutors should appreciate the fact that an arrest for a criminal offense can never be undone, even after the charge is dismissed.

The justice system ceases to serve its crucial function and loses credibility when criminal accusations are used to advance personal or political agendas. Such a practice endangers the effective administration of justice and our confidence in the criminal justice system. This entire ordeal could have been avoided by simply respecting the fact finding that the responding law enforcement officer conducted which verified the work was authorized by the Judicial Branch. Unfortunately, the lack of communication between government entities, an ignorance of the law, personal pride and politics overrode the objective investigation conducted by responding law enforcement.

Mr. Wynn and De Mercurio would like to thank the responding sheriff depututies and City of Adel Police Department officers for their professionalism. They would also like to thank Coalfire for the unconditional support they received especially from CEO Tom McAndrew and Vice President Mike Weber. Finally, they would like to thank the Cyber Security family for the immense amount of support they provided.

This was an unprecedented event for the Cyber Security Community. Mr. Wynn and De Mercurio are looking forward to sharing their experiences in an effort to help educate others in order to better secure this nation.



Apple seeks to simplify two-step verifications with standard SMS format



 

Apple’s WebKit engineers are working on a standardized format for SMS messages containing one-time passcodes, an initiative that could one day better protect users by streamlining two-step authentication logins.

Two-step

Apple previously relied on two-step verification for Apple ID.

Posted to GitHub on Thursday, the proposal from Apple seeks to simplify the OTP SMS mechanism commonly used by websites, businesses and other entities to confirm login credentials as part of two-step authentication systems, reports ZDNet.

Two-step solutions require a user’s password and another element, in this case a one-time code sent over SMS, to gain access to a target account. Currently, it is difficult to impossible for software to automatically extract the necessary information from an OTP SMS message, as they can arrive in a range of text formats. This means users must manually enter the provided code into an input box.

Apple’s proposal seeks to eliminate user intervention in the OTP SMS process, namely copy-and-pasting one-time codes from messages into a browser. It also states that a more refined solution would ensure that one-time codes sent over SMS are used only on originating sites.

Using a “lightweight text format,” the proposed format embeds an actionable one-time code in an SMS message and links that code to a particular originating URL. Doing so allows recipient systems to automatically extract the code and log in to an associated website.

Apple provides an example SMS:

747723 is your [website] authentication code.

@website.com #747723


The first line in the message above is optional human-readable text to explain the incoming message, while the second line contains information for programmatic use. Special characters are employed to denote the one-time code and originating URL, which in this case is “747723” and “website.com,” respectively.

Apple and Google have signed on to the proposal, while Mozilla has not made an official statement on the standard, the report said.

For its part, Apple has moved its products from two-step verification to more secure two-factor authentication methods that rely on passcodes sent to pre-enrolled trusted devices.





Best Lenses for Real Estate Photography


Just like shooting weddings or landscapes, real estate photography has it’s own set of requirements to get the best images.  

And the lens you use for shooting portraits or the Milky Way might not get you the best results if you are shooting real estate.  

I know, like you need another reason to go out and buy more photography gear.  

Thankfully, the range of lenses that will suit you well is vast and comes in at almost any price point.  

Let’s break down what focal lengths work, which probably won’t work, and get you prepared to take the best kitchen photos of your career.

First off, let’s start with what focal lengths probably don’t work and why. Real estate can be tricky.  

At first you may think, “Well I’d want to shoot super wide to capture the entire room in one image.”  

And you wouldn’t necessarily be wrong.  However, a real estate photography veteran, Scott Hargis, said in regards to shooting too wide, “It’s better to have 2 concise sentences than 1 long run-on sentence.”

This means that going too wide will be detrimental to the photo’s ability to tell the story of the home.  

The resulting image will contain a foreground that unrealistically dominates and a background that disappears into the distance.  

It won’t tell the true story of how the room looks or feels.  You can easily make any room look like a bowling alley when shooting too wide.

Therefore, it’s better to have 2 neat and clean photos of a room instead of one really wide one.

Opposite of that is shooting too tight.  Obviously homes are big.  

Even a small living room is much larger to a camera than it is to your eyes.

Shooting too tight, say 50mm or more, will not help a potential buyer get a feel for the space.  

Let’s save those focal lengths for some fancy detail shots of the very expensive Viking stove or the custom hardwood cabinets.

Now let’s talk about what focal lengths do work.  

For the majority of real estate photos, somewhere around 20-25mm is what many professional interior photographers use (myself included).  

On a crop sensor that would be about 14-17mm.  

This will produce photos that give the best feel for a room and also challenge you to find interesting compositions instead of simply standing in a corner, zooming all the way out, and clicking the shutter (that usually makes for uncompelling photos).  

However, because photography is an art not a science, shoot at the focal length that best represent your style.  

I’ve shot rooms at 17mm before and I’ve shot at 35mm before.  It will vary quite a bit.

What about fast lenses?  The overwhelming majority of real estate photos need to be in sharp focus from the front to back.  

This means you’ll be shooting somewhere between f/7.1-11.  No need for fast f/2.8 lenses in this line of work.  

This is great news because f/4 lenses tend to be much cheaper than their faster brothers and sisters.  

If you are wanting to get some slick shallow DOF shots of that fancy kitchen sink, don’t worry.  

F/4 will be shallow enough to achieve that.  But if all you have is an f/2.8 lens, use it and it will work out great.

What about fish eye lenses?  No.  Never for real estate.  The distortion from a fish eye is unbearable and most real estate professionals won’t accept images like that.

Now that you are all jazzed up and ready to make yet another deduction from your daughter’s college fund, here are the best lenses for real estate photography at various price points:

For crop sensors:

Tokina f/4.0 AT-X Pro DX Lens

Nikon AF-S DX NIKKOR f/4G IF-ED Zoom Lens

Tamron F/3.5-4.5 Di-II VC HLD Wide Angle Zoom Lens

Rokinon FE14M-C F2.8 Ultra Wide Lens

Tokina 12-28mm f/4.0 AT-X Pro DX Lens for Nikon

Tokina f/4.0 AT-X Pro DX Lens

Nikon AF-S DX NIKKOR 12-24mm f/4G IF-ED Zoom Lens with Auto Focus for Nikon DSLR Cameras

Nikon AF-S DX NIKKOR f/4G IF-ED Zoom Lens

Tamron 10-24mm F/3.5-4.5 Di-II VC HLD Wide Angle Zoom Lens for Nikon APS-C Digital SLR Cameras

Tamron F/3.5-4.5 Di-II VC HLD Wide Angle Zoom Lens

Rokinon FE14M-C 14mm F2.8 Ultra Wide Lens for Canon (Black)

Rokinon FE14M-C F2.8 Ultra Wide Lens

For full frame sensors:

Tokina F/4 at-X Pro fx Lens

Tokina f/4 AT-X Pro FX Lens

Tamron f/2.8 Di VC USD Wide-Angle Lens

Sigma f/4 DG HSM Art Lens

Nikon AF-S FX NIKKOR f/4G ED Vibration Reduction Zoom Lens

Canon EF f/4L IS USM Lens

Tokina 17-35mm F/4 at-X Pro fx Lens for Canon

Tokina F/4 at-X Pro fx Lens

Tokina 17-35mm f/4 AT-X Pro FX Lens for Nikon

Tokina f/4 AT-X Pro FX Lens

Tamron AFA012N700 SP 15-30mm f/2.8 Di VC USD Wide-Angle Lens for Nikon F(FX) Cameras

Tamron f/2.8 Di VC USD Wide-Angle Lens

Sigma 12-24mm f/4 DG HSM Art Lens for Canon EF  (205954)

Sigma f/4 DG HSM Art Lens

Nikon AF-S FX NIKKOR 16-35mm f/4G ED Vibration Reduction Zoom Lens with Auto Focus for Nikon DSLR Cameras

Nikon AF-S FX NIKKOR f/4G ED Vibration Reduction Zoom Lens

Canon EF 16-35mm f/4L IS USM Lens - 9518B002

Canon EF f/4L IS USM Lens

Sadly, native Sony lenses are few and far between.  Fortunately, Sony shooters have the ability to purchase a Metabones (or equivalent) lens adapter.  

This means you can use Canon lenses on your Sony bodies.

I can’t speak to all these lenses because I’m not a millionaire.  

But I personally own the Tokina 17-35mm and a Rokinon 24mm tilt/shift, which we’ll discuss in a moment.  

The Tokina produces a perfectly viable image for almost all levels of real estate photography.  

I’ve shot a $130k listing with it and I’ve shot a $5.5M VRBO mountain lodge with it and both clients loved the photos.  

It is my main workhorse when doing real estate photography.  It also doubles as a great landscape lens and I’ve even used it to take photos of the Milky Way at f/4.  

If you are looking to save a few bucks on a lens that will serve a number of purposes, the Tokina is good choice.

What I don’t like about Tokina is the clutch mechanism for the focus control.  

You have to slide a clutch back and forth to engage or disengage the autofocus.  

What happens about 90% of the time is the little gears inside the clutch get mashed and you have to jiggle it to get them to line up.  

It’s super annoying.  As far as image quality goes, it is a bit soft when zoomed in at 100% (in Lightroom) but it’s nothing a client will ever notice, especially when the images are compressed into oblivion by the MLS.

Tilt/Shift Lenses

Now let’s get into some really exciting parts of real estate photography: tilt/shift lenses.

T/S lenses have a wide variety of specialty uses in almost every type of photography, from portraits, to weddings, to cityscapes.  

They are most well known for being able to give an image that special miniature look.  

For real estate application, the ability to shift the image cast on the sensor makes them great for maintaining straight verticals while achieving the desired composition.

Wait, maintaining straight verticals?  That’s right.  

Lesson number one in real estate photography is to keep your verticals straight.  

The camera needs to be perfectly leveled (or perfectly corrected in post) in order to deliver the most pleasing image.  

Walls should be straight up and down, windows or doorways shouldn’t be tilting or falling backward.  

They way a T/S lens achieves this is by casting a large image circle on the sensor and allows you to literally move that image circle up or down (or left or right) so you can keep your camera level but still get the desired composition.  

It may be hard to image that but once you start playing around with a t/s lens it really makes sense.

This works perfectly when taking photos of rooms with tall ceilings or when shooting the exterior of the home.  

I shot the photo at the top of the page with a Rokinon 24mm T/S lens.  

The lens was shifted up to achieve the proper composition while keeping the camera level.  

I was actually well below the house and left my modified painter’s pole at home so I improvised by putting my tripod on the roof of my car.  

The T/S lens saved me by getting the right composition that would have been impossible with a traditional lens.

And yes, you can correct verticals in post (as I mentioned before) but lesson number one for photography in general is get the image right in camera first, don’t let post processing be a crutch.  

A T/S lens takes your real estate photography to the next level by allowing you to get the image right in the first place (and allows you to keep all your pixels intact).  

There is somewhat of a learning curve when using T/S lenses for real estate, something we’ll probably cover in another article.  

And then there is the added cost of having to buy yet another hunk of glass.

Is a Tilt/Shift lens worth it?

A T/S is well worth it if you decide to be serious about your real estate photography.  

You’ll be able to get the same professional results that high end photographers use for shooting content for expensive clients.  

And you get the added bonus of wowing your clients with a lens that has knobs and dials.  

While on a architectural shoot this past winter, I had a photographer approach me and ask to take a photo of my lens because he had never before seen one quite like it.

Luck for you, there are 2 options for T/S lenses: inexpensive ones and expensive ones.

Rokinon makes very reasonably priced ($730-$780) T/S lenses for Canon, Nikon, Sony (a- and e-mount), and Pentax.  

I personally use a Rokinon 24mm T/S for my Nikon D750 and it is very good for the price.  The images are sharp and it is easy to use.  

The downside is that they are fully manual lenses and the knobs can be a bit tricky to maneuver because they are kind of small.  

I’ve heard from other photographers that the Canon and Nikon T/S lenses are easier to maneuver and produce exceptional images.

Nikon and Canon have their own versions of T/S lenses that are not surprisingly much more expensive.  

Canon offers a 24mm and a 17mm.  Nikon has a 24mm and a 19mm offering.  

But don’t go smashing your son’s piggy bank just yet.  

The Nikons run $2,200 and $3,400 new.  The Canons are $1,899 and $2,149.  

That Rokinon coming in at $730 isn’t looking too bad, now is it?

Here I used a t/s lens to get the unique ceiling beams while still maintaining correct verticals. Image by Kirk Bergman.

Do I have to buy all new gear (again)?

Finally, now that I’ve wet your whistle for trying out real estate photography, I know you’re asking, “Well, I want to give this a try, can I use my kit (or 24-70) lens?”  You absolutely can.  

Try to stay on the wider end of the focal range and you’ll be just fine.

If you have never done real estate photography and only have a kit lens or a general purpose lens, give it a try on your own living room.  

See what kinds of compositions you can come up with and if you think those images are good enough to tell the story of your home.

Real Estate photography doesn’t need to be another expensive photography hole you dump money into (although who are we kidding, it probably will be).  

You can take great images with even the most basic gear.  Another well respected real estate photographer, Mike Kelley, shot a home twilight exterior using a Canon Rebel t1 and an 18-55mm kit lens.  

He proves that it’s the photographer who makes the image, not the camera.

How to get started

We’ve talked about the best lenses to get the best real estate photographs.

Maybe you’ve seen one you want to buy right now or maybe simply put on your Amazon wishlist.  

The right gear will make your job easier but by no means do you need all the expensive glass to get the job done.  

And if you are just starting out, give it shot with the gear you currently own.

If you think real estate photography is for you, consider stepping up your game with more specialized gear.

And if you’re really interested in learning more, be sure to check out Improve Photography’s Real Estate Starter Pack.  It’s really inexpensive and yet you get:

  1. The real estate photo contract Jim uses for all his real estate shoots (a $250 value)
  2. 10 Lightroom presets to help you make bright, clean, and airy images
  3. The pricing template that Jim uses for his real estate shoots

See all the details here: https://improvephotography.com/real-estate-photographers-starter-package/

Last Updated on 2020-01-31 //Source: Affiliate Affiliates


About the Author

Kirk Bergman

Facebook

I’ve been doing photography as a hobby since my first photo class in 10th grade. Now, I shoot professionally as a real estate and architectural photographer. I am also a brand consultant for many real estate agents in my area. When I go on trips, I try to squeeze in a bit of landscape photography as well. You can see my personal projects on my portfolio Facebook page and my business projects at http://www.agyntstudio.com





This Week’s Deals – CTech


Comtech telecommunications acquired Gilat Satellite networks for $532.5 Million. Earlier this month, Calcalist reported that the Israeli satellite telecommunications company was in advanced talks to be acquired for approximately $579 million. Read more


 

Insight Partners paid $125 million for a stake in gaming company Moon Active. Earlier this month, Calcalist reported that the New York venture firm was negotiating for an 8%-10% stake in Moon Active according to a company valuation of approximately $1.2 billion. Read more


Gilat satellites. Photo: Zvika Tischler Gilat satellites. Photo: Zvika Tischler

 

Marketing startup Yotpo acquired SMS marketing company SMSBump. SMSBump provides a messaging platform to companies that contact customers via texts to inform them of order status updates, special offers, and customized promotions. Read more

 

Israeli insurers Phoenix and Menora invested 48 million euros in Enlight’s Spanish wind turbine project. The Gecama project in the Castilla-La Mancha region, currently in advanced stages of development, is expected to supply 300-megawatts of electricity. Read more

 

German National soccer league acquired a stake in sportstech startup MOVEZ. MOVEZ develops a mobile app that uses computer vision and artificial intelligence technologies to evaluate a user’s skills in sports that involve a ball. Read more

 

Stoa raised $60 million in credit, $4 million in equity. The Tel Aviv-based startup develops a unified service for U.S. renovators, subcontractors, and buyers. Read more

 

Data company Iguazio raised $24 million. Iguazio offers data management services and artificial intelligence tools designed to improve the performance, security, and scalability of machine learning applications. Read more

 

Delivery startup Bond raised $15 million. Bond connects retailers’ existing e-commerce platforms with a network of small neighborhood distribution centers that are managed by local teams. Read more

 

Predictive analytics startup Pecan emerged from stealth with $15 million in funding. Dell and S-Capital backed Pecan, which offers a deep learning platform that automatically generates enterprise business intelligence predictions. Read more

 

Fruit-ripeness analysis startup Clarifruit raised $6 million. ClariFruit develops a produce-monitoring mobile app that scans fruits and vegetables and analyzes their condition to determine whether they are ready to go to market. Read more

 

Canada’s Alectra backed smart grid predictive analytics startup Grid4C in $6 million round. The electricity and utility distributor will distribute Grid4C’s products via its subsidiary Util-Assist. Read more

 

Serverless computing company Nuweba raised $5.4 million. Nuweba develops a platform that enables companies to run serverless applications without using third-party tools or add-ons. Read more





Dozens of companies have data dumped online by ransomware ring seeking leverage


Aerial photograph of large outdoor maze.

The Maze ransomware ring has taken extortion to new heights by publicly posting breached data on the Internet—and threatening full dumps of stolen data if the ring’s “customers” don’t pay for their files to be unencrypted. But the group appears to be making one exception: the City of Pensacola, which was hit by Maze ransomware in December.

On the group’s website, the administrator of Maze’s ransomware operations posted:

We are going to make a gift to City of Pensacola: we will not publish leaked private data, but we publish the list of leak data and hosts to proof [sic], that we did it, we really hacked City of Pensacola.

Just before Christmas, the Maze operators had posted 2GB of data from the city’s systems, claiming it was only 10 percent of what had been stolen from systems before the attackers launched their ransomware attack. But the files were then removed, with only directory data, computer names, and IP addresses left on the site as proof of compromise. Based on the Maze site, 28 servers were hit by the attack.

Others have not been so lucky. The Italian foods company Fratelli Beretta saw all the data exfiltrated from 53 systems (a total of 3GB) posted online by Maze. And more recent victims have had smaller dumps posted. Stockdale Radiology, a radiology clinic in Bakersfield, California, saw screenshots of affected systems and data from the clinic’s fax server posted—including patient data transmitted from another MRI clinic. Ars reached out to Stockdale Radiology for comment but got no response.

About 25 other victims are listed on Maze’s site, with smaller “proof” data sets posted that include customer information. Victims include:

  • Busch’s Inc., a grocery market chain in Michigan
  • BST & Co., a certified public accountancy firm in Albany
  • Lakeland Community College in Kirkland, Ohio
  • The social media and public relations unit of Orlando-based company Massey Services

According to Emsisoft threat analyst Brett Callow, one recent dump of a Canadian company’s data included employee “names, home addresses, social insurance numbers, tax forms, earnings details, health insurance numbers, banking information, drug test results, etc.” The company failed to notify employees of the breach.

None of these breaches have been reported publicly by their victims. “The lack of disclosure obviously means that customers/clients/vendors/partners do not know that their data is now in the hands of cybercriminals and can be downloaded by anybody with an Internet connection,” Callow told Ars. “And that means they do not know that they should set up credit monitoring, notify their financial institution, be on the lookout for scams or spear phishing attempts.”

The Maze crew is not the only ransomware operation now using stolen data as additional leverage to get victims to pay up. The REvil/Sodinokibi ransomware ring has also threatened to reveal data of victims who don’t pay, including the travelers’ financial service provider Travelex. And other attackers may also be stealing data and using it in much more subtle ways to extort their victims.



Apple nixed Xnor.ai’s involvement in Pentagon’s Project Maven following acquisition



 

Apple reportedly directed artificial intelligence startup Xnor.ai to cease work on U.S. Department of Defense initiative Project Maven after it acquired the company in January.

Source: DOD

Citing people familiar with the matter, The Information on Wednesday reports Xnor.ai was until recently working on Project Maven with fellow startup Clarifai. That ended shortly after Apple bought the Seattle-based Xnor.ai for a reported $200 million this month.

Officially announced in 2017, Project Maven seeks to develop computer vision technologies capable of autonomously analyzing image data captured by military drones and other systems. To achieve its goal, the government is working with a number of private sector specialists as it builds out the technology.

Spun out of the Allen Institute for Artificial Intelligence, Xnor.ai focused on low-power, edge-based artificial intelligence and machine learning algorithms that can run on-device instead of in the cloud.

As noted by the report, running AI processes like image recognition on an iPhone instead of offsite — a practice that edge-based computing enables — could raise privacy concerns. Always the bastion of consumer security, Apple likely recognized the implications — and optics — of Xnor.ai’s involvement in Project Maven and terminated the work before the press caught wind of the relationship.

Unlike other big tech firms, like Google which pulled out of Project Maven after protests from employees, Apple typically distances itself from military contracting activities. The company has in the past supplied devices to various military branches on terms similar or identical to conventional enterprise sales. In 2008, Apple allowed then recently-acquired PA Semi to temporarily continue component supply deals with military equipment makers.





Cybersecurity risks at 97% of airports


New research has found that 97 out of 100 of the world’s major airports have security risks related to vulnerable web and mobile apps, misconfigured public cloud, dark web exposure or code repositories leaks.

Web security company ImmuniWeb carried out the research, looking into cybersecurity, compliance and privacy at the world’s largest airports.

‘)

// –>

ImmuniWeb identified three international airports that successfully passed all of its tests without a single major issue being detected: Amsterdam Airport Schiphol, in the Netherlands; Helsinki-Vantaa Airport, in Finland; and Ireland’s Dublin Airport.

Almost a quarter (24) of the main airport websites included in the survey had a failing “F” grade, meaning that they had outdated software with known and exploitable security vulnerabilities in CMS (e.g. WordPress) and/or web component (e.g. jQuery).

Some of the websites even had several vulnerable components: 97% of them contain outdated web software; 24% of the websites contain known and exploitable vulnerabilities; 76% and 73% of the websites are not compliant with GDPR and PCI DSS, respectively; and 24% of the websites have no SSL encryption or use obsolete SSLv3.

ImmuniWeb also tested 36 official mobile applications belonging to the airports. In total, 530 security and privacy issues were identified, including 288 mobile security flaws. The tests showed that 100% of the mobile apps contain at least five external software frameworks; 100% of the mobile apps contain at least two vulnerabilities; and in 33.7% of the mobile apps, outgoing traffic has no encryption. On average, 15 security or privacy issues per app were detected.

The research team found that 66 out of the 100 airports surveyed are exposed on the dark web in one way or another. Thirteen of the airports involved have leaks or exposures of a critical risk.

Ilia Kolochenko, CEO and founder of ImmuniWeb, said, “Given how many people and organizations entrust their data and lives to international airports every day, these findings are quite alarming.

“Today, when our digital infrastructure is extremely intricate and intertwined with numerous third parties, holistic visibility of your digital assets and attack surface is pivotal to ensure the success of your cybersecurity program. Without it, all your efforts and spending are in vain.”



Apple Reports Record First Quarter Results


This press release contains forward-looking statements, within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements include without limitation those about the Company’s estimated revenue, gross margin, operating expenses, other income/(expense), tax rate, and plans for return of capital. These statements involve risks and uncertainties, and actual results may differ. Risks and uncertainties include without limitation: the effect of global and regional economic conditions on the Company’s business, including effects on purchasing decisions by consumers and businesses; the ability of the Company to compete in markets that are highly competitive and subject to rapid technological change; the ability of the Company to manage frequent introductions and transitions of products and services, including delivering to the marketplace, and stimulating customer demand for, new products, services and technological innovations on a timely basis; the effect that shifts in the mix of products and services and in the geographic, currency or channel mix, component cost increases, increases in the cost of acquiring and delivering content for the Company’s services, price competition, or the introduction of new products or services, including new products or services with higher cost structures, could have on the Company’s gross margin; the dependency of the Company on the performance of distributors of the Company’s products, including cellular network carriers and other resellers; the risk of write-downs on the value of inventory and other assets and purchase commitment cancellation risk; the continued availability on acceptable terms, or at all, of certain components, services and new technologies essential to the Company’s business, including components and technologies that may only be available from single or limited sources; the dependency of the Company on manufacturing and logistics services provided by third parties, many of which are located outside of the US and which may affect the quality, quantity or cost of products manufactured or services rendered to the Company; the effect of product and services design and manufacturing defects on the Company’s financial performance and reputation; the dependency of the Company on third-party intellectual property and digital content, which may not be available to the Company on commercially reasonable terms or at all; the dependency of the Company on support from third-party software developers to develop and maintain software applications and services for the Company’s products; the impact of unfavorable legal proceedings, such as a potential finding that the Company has infringed on the intellectual property rights of others; the impact of complex and changing laws and regulations worldwide, which expose the Company to potential liabilities, increased costs and other adverse effects on the Company’s business; the ability of the Company to manage risks associated with the Company’s retail stores; the ability of the Company to manage risks associated with the Company’s investments in new business strategies and acquisitions; the impact on the Company’s business and reputation from information technology system failures, network disruptions or losses or unauthorized access to, or release of, confidential information; the ability of the Company to comply with laws and regulations regarding data protection; the continued service and availability of key executives and employees; political events, international trade disputes, war, terrorism, natural disasters, public health issues, and other business interruptions that could disrupt supply or delivery of, or demand for, the Company’s products; financial risks, including risks relating to currency fluctuations, credit risks and fluctuations in the market value of the Company’s investment portfolio; and changes in tax rates and exposure to additional tax liabilities. More information on these risks and other potential factors that could affect the Company’s financial results is included in the Company’s filings with the SEC, including in the “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” sections of the Company’s most recently filed periodic reports on Form 10-K and Form 10-Q and subsequent filings. The Company assumes no obligation to update any forward-looking statements or information, which speak as of their respective dates.



London to deploy live facial recognition to find wanted faces in a crowd


Security cameras sit on a pole near the Houses of Parliament in the Westminster district of London, UK, on Monday, Jan. 6, 2020. The Metropolitan Police will be adding new "live facial recognition" systems to their sensor collection, aimed at spotting wanted persons walking through targeted areas.
Enlarge / Security cameras sit on a pole near the Houses of Parliament in the Westminster district of London, UK, on Monday, Jan. 6, 2020. The Metropolitan Police will be adding new “live facial recognition” systems to their sensor collection, aimed at spotting wanted persons walking through targeted areas.

Officials at the Metropolitan Police Service of London announced last Friday that the force will soon begin to use “Live Facial Recognition” (LFR) technology deployed around London to identify people of interest as they appear in surveillance video and alert officers to their location. The system, based on NEC’s NeoFace Watch system, will be used to check live footage for faces on a police “watch list,” a Metropolitan Police spokesperson said. The real-time facial-recognition system will target suspects in violent crimes, child exploitation cases, and missing children and vulnerable adults, among others.

The video system, the spokesperson noted in a written statement, “simply gives police officers a prompt suggesting ‘that person over there may be the person you’re looking for'” and that the decision to act on that information will always be made by officers in the field. Initially, the system will be deployed at locations “where intelligence suggests we are most likely to locate serious offenders,” the spokesperson said. “Each deployment will have a bespoke ‘watch list’ made up of images of wanted individuals, predominantly those wanted for serious and violent offenses.”

Assistant Commissioner Nick Ephgrave said, “As a modern police force, I believe that we have a duty to use new technologies to keep people safe in London. Independent research has shown that the public support us in this regard. Prior to deployment we will be engaging with our partners and communities at a local level.” That engagement will include officers handing out leaflets explaining the program at locations where the technology is deployed.

Putting a face to a name

Live facial-recognition systems have become part of many private organizations’ internal security operations. In Las Vegas, a number of casinos have used facial-recognition systems for decades—not only to spot potential criminals but to also catch “undesirables” such as card counters and others who have been banned from the gaming floors. (I got a first-hand look at some of those early systems back in 2004 while reporting on the gaming industry’s use of facial recognition, license plate readers, and other surveillance technologies.)

Most of the earlier systems operated at relatively low rates and depended a great deal on humans in the loop to confirm results. Over the past few years, however, machine-learning-based facial-recognition systems have made live facial recognition more powerful and much more scalable.

Facial-recognition technology similar to the NEC system has already been widely deployed across China, with about 200 million cameras by the government’s own estimate. And the Metropolitan Police is no stranger to the technology—in 2015, while now-Prime Minister Boris Johnson was mayor of London, the police service asked for access to Transport for London’s automatic number-plate recognition (ANPR) camera system to perform real-time facial recognition of motorists entering London.

And while these systems have depended on government databases, private companies’ own databases of images have begun to be tapped as well. Amazon’s Rekognition system and other facial-recognition services that can process real-time streaming video have been used by US police forces as well as for commercial applications. And as the New York Times’ Kashmir Hill reported earlier this month, some US law enforcement organizations are using a service from a company called Clearview (a startup backed by Peter Thiel and co-founded by a former mayoral aide to Rudolph Giuliani) to perform facial-recognition searches against images scraped from social media and other sources.

These systems are not foolproof. They depend heavily on the quality of source data and other aspects of the video being scanned. But Ephgrave said that the Metropolitan Police is confident about the system it’s deploying—and that it’s balancing its deployment with privacy concerns.

“We are using a tried-and-tested technology and have taken a considered and transparent approach in order to arrive at this point,” said Ephgrave. For now, the system will not be tied to existing CCTV systems or other police imagery systems. The initial deployment is to be limited to cameras capturing people passing through targeted, relatively small areas.

Areas under the surveillance of the system will be marked with signs. Ephgrave said that the deployment required “that we have the right safeguards and transparency in place to ensure that we protect people’s privacy and human rights.”