Archives 25 April 2019

Hacker Can Monitor Cars And Kill Their Engines After Breaking Into GPS Tracking Apps

A hacker broke into thousands of accounts belonging to users of two GPS tracker apps, giving him the ability to monitor the locations of tens of thousands of vehicles and even turn off the engines for some of them while they were in motion. The hacker, who goes by the name L&M, told Motherboard he hacked into more than 7,000 iTrack accounts and more than 20,000 ProTrack accounts, two apps that companies use monitor and manage fleets of vehicles through GPS tracking devices. The hacker was able to track vehicles in a handful of countries around the world, including South Africa, Morocco, India, and the Philippines. On some cars, the software has the capability of remotely turning off the engines of vehicles that are stopped or are traveling 12 miles per hour or slower, according to the manufacturer of certain GPS tracking devices.

By reverse engineering ProTrack and iTrack’s Android apps, L&M said he realized that all customers are given a default password of 123456 when they sign up. At that point, the hacker said he brute-forced ‘millions of usernames’ via the apps’ API. Then, he said he wrote a script to attempt to login using those usernames and the default password. This allowed him to automatically break into thousands of accounts that were using the default password and extract data from them.

Applying For Your Next Job May Be an Automated Nightmare

If you think looking for a job is already daunting, anxiety-riddled, and unpleasant, just wait until the algorithms take over the hiring process. When they do, a newfangled ‘digital recruiter’ like VCV, which just received $1.7 million in early investment, hopes it will look something like this: First, a search bot will be used to scan CVs by the thousands, yours presumably among them. If it’s picked out of the haystack, you will be contacted by a chatbot. Over SMS, the bot will set an appointment for a phone interview, which will be conducted by an automated system enabled by voice recognition AI. Next, the system will ask you, the applicant, to record video responses to a set of predetermined interview questions. Finally, the program can use facial recognition and predictive analytics to complete the screening, algorithmically determining whether the nervousness, mood, and behavior patterns you exhibit make you a fit for the company. If you pass all that, then you will be recommended for an in-person job interview.

[…] VCV, which did not respond to a request for comment, is far from alone here. A growing suite of startups is pitching AI-driven recruitment services, promising to save corporations millions of dollars throughout the hiring process by reducing overhead, to pluck more ideal candidates out of obscurity, and to reduce bias in the hiring process. Most offer little to no evidence of how they actually do so. VCV’s much-larger competitor, HireVue, which has raked in a staggering $93 million in funding and is backed by top-tier Silicon Valley venture capital firms like Sequoia, is hocking many of the same services. It counts 700 companies as its clients, including, it says, Urban Outfitters, Intel, Honeywell, and Unilever. AllyO, which was founded in 2015, and “utilizes deep workflow conversational AI to fully automate end to end recruiting workflow” has $19 million in backing.

The Feds Are Dropping Child Porn Cases Instead of Revealing Their Surveillance Systems

The Department of Justice has been dismissing child pornography cases in order to not reveal information about the software programs used as the basis for the charges. An array of cases suggest serious problems with the tech tools used by federal authorities. But the private entities who developed these tools won’t submit them for independent inspection or hand over hardly any information about how they work, their error rates, or other critical information. As a result, potentially innocent people are being smeared as pedophiles and prosecuted as child porn collectors, while potentially guilty people are going free so these companies can protect “trade secrets.” The situation suggests some of the many problems that can arise around public-private partnerships in catching criminals and the secretive digital surveillance software that it entails (software that’s being employed for far more than catching child predators).

With the child pornography cases, “the defendants are hardly the most sympathetic,” notes Tim Cushing at Techdirt. Yet that’s all the more reason why the government’s antics here are disturbing. Either the feds initially brought bad cases against people whom they just didn’t think would fight back, or they’re willing to let bad behavior go rather than face some public scrutiny. An extensive investigation by ProPublica “found more than a dozen cases since 2011 that were dismissed either because of challenges to the software’s findings, or the refusal by the government or the maker to share the computer programs with defense attorneys, or both,” writes Jack Gillum. Many more cases raised issues with the software as a defense. “Defense attorneys have long complained that the government’s secrecy claims may hamstring suspects seeking to prove that the software wrongly identified them,” notes Gillum. “But the growing success of their counterattack is also raising concerns that, by questioning the software used by investigators, some who trade in child pornography can avoid punishment.”

Scientists Have Developed a Brain Implant That Can Read People’s Minds

The team at the University of California, San Francisco says the technology is “exhilarating.” They add that their findings, published in the journal Nature, could help people when disease robs them of their ability to talk. The mind-reading technology works in two stages. First an electrode is implanted in the brain to pick up the electrical signals that maneuver the lips, tongue, voice box and jaw. Then powerful computing is used to simulate how the movements in the mouth and throat would form different sounds. This results in synthesized speech coming out of a “virtual vocal tract.”