Slashdot

---

• Princeton Team Disables Long-Targeted Gene Behind Spread of Major Cancers
• Over 300,000 Android Users Have Downloaded These Banking Trojan Malware Apps, Say Security Researchers
• Browser Extension Shows How Many Brands On Amazon Are Actually Just Amazon
• 'Massive' Startup Wants To Rent Your Spare Compute Power To Pay For Apps
• The Virtual Phone Farms Scammers Use To Set Up Fake Accounts
• Microsoft Adds Buy Now, Pay Later Financing Option To Edge -- And Everyone Hates It
• Cyber Monday Online Sales Fall For the First Time Ever
• FBI Document Shows What Data Can Be Obtained From Encrypted Messaging Apps
• SpaceX's Starlink Is Testing Internet Service for Aircraft
• NASA Postpones Spacewalk Citing 'Debris Notification' for ISS
• Biden Administration Makes First Move on Data Privacy
• Barbados, Formally Casting Off the Queen, Becomes a Republic
• Amazon Launches Preview of New 'AWS Private 5G' Managed Service
• Facebook's David Marcus, Creator of Embattled Diem Project, To Leave Company
• Twitter Expands Safety Policy, Bans Posting Images of People Without Their Consent

Princeton Team Disables Long-Targeted Gene Behind Spread of Major Cancers Posted: 30 Nov 2021 07:30 PM PST An anonymous reader writes: The mysterious ways cancer spreads through the body, a process known as metastasis, is what can make it such a difficult enemy to keep at bay. Researchers at Princeton University working in this area have been tugging at a particular thread for more than 15 years, focusing on a single gene central to the ability of most major cancers to metastasize. They've now discovered what they describe as a "silver bullet" in the form of a compound that can disable this gene in mice and human tissue, with clinical trials possibly not too far away. This discovery has its roots in 2004 research in which Princeton scientists identified a gene implicated in metastatic breast cancer, called metadherin, or MTDH. A 2009 paper by cancer biologist Yibin Kang then showed the gene was amplified and produced abnormally high levels of MTDH proteins in around a third of breast cancer tumors, and was central to not just the process of metastasis, but also the resistance of those tumors to chemotherapy. Subsequent research continued to shed light on the importance of the MTDH gene, demonstrating how it is critical for cancer to flourish and metastasize. Mice engineered to lack the gene grew normally, and those that did get breast cancer featured far fewer tumors -- and those tumors that did form didn't metastasize. This was then found to be true of prostate cancer, lung cancer, colorectal cancer, liver cancer and many other cancers. The crystal structure of MTDH shows the protein has a pair of protrusions likened to fingers, which interlock with two holes in the surface of another protein called SND1. This is "like two fingers sticking into the holes of a bowling ball," according to Kang, and the scientists suspected if this intimate connection could be broken, it could go a long way to dampening the harmful effects of MTDH. "We knew from the crystal structure what the shape of the keyhole was, so we kept looking until we found the key," Kang says. The team spent two years screening for the right molecules to fill these holes without any great success, until they landed on what they say is a "silver bullet." The resulting compound plugs these voids and prevents the proteins from interlocking, with profound anti-cancer effects that resemble those seen in the MTDH-deficient mice from their earlier work. "The scientists say that MTDH assists cancer in two primary ways, by helping tumors endure the stresses of chemotherapy and by silencing the alarm that organs normally sound when a tumor invades them," adds New Atlas. "By interlocking with the SND1 protein, it prevents the immune system from recognizing the danger signals normally generated by cancerous cells, and therefore stops it from attacking them. The team is now working to refine the compound, hoping to improve its effectiveness in disrupting the connection between MTDH and SND1 and lower the required dosage. [T]hey hope to be ready for clinical trials on human patients in two to three years." The research has been published across two papers in the journal Nature Cancer. Read more of this story at Slashdot.

Over 300,000 Android Users Have Downloaded These Banking Trojan Malware Apps, Say Security Researchers Posted: 30 Nov 2021 06:10 PM PST Over 300,000 Android smartphone users have downloaded what turned out to be banking trojans after falling victim to malware that has bypassed detection by the Google Play app store. ZDNet reports: Detailed by cybersecurity researchers at ThreatFabric, the four different forms of malware are delivered to victims via malicious versions of commonly downloaded applications, including document scanners, QR code readers, fitness monitors and cryptocurrency apps. The apps often come with the functions that are advertised in order to avoid users getting suspicious. In each case, the malicious intent of the app is hidden and the process of delivering the malware only begins once the app has been installed, enabling them to bypass Play Store detections. The most prolific of the four malware families is Anatsa, which has been installed by over 200,000 Android users -- researchers describe it as an "advanced" banking trojan that can steal usernames and passwords, and uses accessibility logging to capture everything shown on the user's screen, while a keylogger allows attackers to record all information entered into the phone. [...] The second most prolific of the malware families detailed by researchers at ThreatFabric is Alien, an Android banking trojan that can also steal two-factor authentication capabilities and which has been active for over a year. The malware has received 95,000 installations via malicious apps in the Play Store. [...] The other two forms of malware that have been dropped using similar methods in recent months are Hydra and Ermac, which have a combined total of at least 15,000 downloads. ThreatFabric has linked Hydra and Ermac to Brunhilda, a cyber-criminal group known to target Android devices with banking malware. Both Hydra and Ermac provide attackers with access to the device required to steal banking information. ThreatFabric has reported all of the malicious apps to Google and they've either already been removed or are under review. Read more of this story at Slashdot.

Browser Extension Shows How Many Brands On Amazon Are Actually Just Amazon Posted: 30 Nov 2021 05:30 PM PST A new browser extension promises to show you which products in your Amazon search results are sold by brands that are either owned by or are exclusive to Amazon, giving you a better idea of who's selling what you're buying. The Verge reports: It's called Amazon Brand Detector, and it uses a list of Amazon brands created by The Markup, along with filters and other techniques (detailed here) to detect and highlight products that are a part of Amazon's Our Brands program. The Markup created this extension after its investigation into how Amazon ranks its in-house brands in search results and says the tool (available for Chrome-like browsers and Firefox) is designed to make searches more transparent. When we tested it, it obviously highlighted Amazon Basics and Essentials products, but it also drew attention to results that were otherwise indistinguishable from ones not affiliated with Amazon: a dog leash labeled as being made by Panykoo, socks by Teebulen, a sweater by Ofeefan. While Amazon marked some of those results as "featured from our brands," that wasn't the case for all of them. That advisory text is also small and grey, making it easy to miss if you're casually browsing (especially since there may not be any notice of the affiliation on the actual product page), and it didn't show up on every result the tool highlighted. Amazon isn't necessarily shadowy about these brands: it has a page that lists its "private and select exclusive brands," many of which have legit-sounding names: Happy Belly, Wag, Nature's Wonder. Some are private labels owned by Amazon, where some are "curated selections" sold exclusively on Amazon but not necessarily operated by the company. According to The Markup, the extension "does not collect any data" and should be compatible with other extensions. Read more of this story at Slashdot.

'Massive' Startup Wants To Rent Your Spare Compute Power To Pay For Apps Posted: 30 Nov 2021 04:50 PM PST What if users could pay for apps or services not with money or attention, but with their spare compute power? A startup called "Massive" is working to take this concept "into the modern world as an alternative to charging users or pounding them with advertisements to generate revenue," writes TechCrunch's Alex Wilhelm. From the report: Massive announced an $11 million round this morning, led by Point72 Ventures with participation from crypto-themed entities, including CoinShares Ventures and Coinbase Ventures. Several angels also participated in the funding event. The model is interesting, and Massive's funding round is an indication that it has found some market traction. So, we get the company on the horn to learn more. Massive co-founder and CEO Jason Grad described the startup's work as something akin to an Airbnb or Turo for users' computers, comparing its service to some of the more popular consumer-sharing startups that folks already know. It's a reasonable comparison. Some 50,000 desktop computer users -- nodes, in the company's parlance -- have opted into its service. Which is white hat, it goes without saying. Given that Massive is asking for compute power, it will have constant work to do to ensure that it is a good steward of user trust and partner selection; no one wants their spare CPU cycles to go to something illegal. The company has a good early stance toward caring for its nascent compute exchange, with a hard requirement of getting users to opt into its service before joining. To start, Massive is working with crypto-focused companies. They have an obvious need for compute power, and the work they execute -- running blockchain calculations -- is monetized through block rewards and other fees, making them easy choices for partnerships. You can now see why the company's investor list includes a number of crypto-focused venture capital firms. The startup's goal is broader, however. It wants to build a two-sided marketplace for compute power, Grad explained. That means lots more users offering up a slice of their computing power, future acceptance of mobile devices, and a broader partner list. Part of the company's perspective is rooted in the belief that the dominant business models of the internet today are lacking. "Shit," to quote Grad directly. Read more of this story at Slashdot.

The Virtual Phone Farms Scammers Use To Set Up Fake Accounts Posted: 30 Nov 2021 04:10 PM PST An anonymous reader quotes a report from Motherboard: When a scammer wants to set up an account on Amazon, Discord, or a spread of other online services, sometimes a thing that stands in their way is SMS verification. The site will require them to enter a phone number to receive a text message which they'll then need to input back into the site. Sites often do this to prevent people from making fraudulent accounts in bulk. But fraudsters can turn to large scale, automated services to lease them phone numbers for less than a cent. One of those is 5SIM, a website that members of the video game cheating community mention as a way to fulfill the request for SMS verification. Various YouTube videos uploaded by the company explain how people can use its service explicitly for getting through the SMS verification stage of various sites. The videos include instructions specifically on PayPal, Instagram, Facebook, Telegram, and dating site Plenty of Fish. Instagram told Motherboard it is concerned by sites that suggest people can use services to bypass Instagram's measures to then abuse the platform. Instagram said it uses SMS verification to prevent the creation of fake accounts and to make account recovery possible. "We have many measures in place to protect against scripted account creation and block millions of fake accounts at registration every day," an Instagram spokesperson said. Some online services don't allow users to perform SMS verification with VoIP numbers, presumably in an effort to mitigate against fraud. 5SIM's numbers, however, are just like ordinary phone numbers, the site claims. When people buy 5SIM's services, they must only use it for receiving texts related to an online account. "Different SMS will [be] rejected," the website adds. 5SIM also offers an API to automate parts of the service. 5SIM's rules say that customers are "Forbidden to use the service for any illegal purposes as well as not to take actions that harm the service and (or) third parties." The website also includes a denylist of words that its service may block. In an email to Motherboard, 5SIM said: "5sim service is prohibited to use for illegal purposes. In cases, where fraudulent operations with registered accounts are detected, restrictions may be imposed on the 5sim account until the circumstances are clarified. 5sim is used by those who want to get a discount or bonus, webmasters, SMM specialists, owners of business for advertising and increasing business loyalty." Read more of this story at Slashdot.

Microsoft Adds Buy Now, Pay Later Financing Option To Edge -- And Everyone Hates It Posted: 30 Nov 2021 03:30 PM PST Microsoft has decided to add "Buy Now, Pay Later" financing options to its Edge browser in the U.S. -- and the overwhelming response has been negative. The Register reports: The Buy Now Pay Later (BNPL) option pops up at the browser level (rather than on checkout at an ecommerce site) and permits users to split any purchase between $35 and $1,000 made via Edge into four instalments spread over six weeks. The system is powered by Zip, previously Quadpay, and offers a Chrome extension for users who want to split their payments (interest-free if you make the payments on time, although Zip charges $1 per installment). Microsoft has now bundled the platform into Edge. Feedback could charitably be described as negative so far, as demonstrated by the tags assigned to the post on Microsoft's Tech Community site. Comments (numbering 119 at time of writing) posted by visitors to the site can be pretty much summed up thusly: "This [is] a cheap and disgusting move from Microsoft and edge team to the browser users. You should be ashamed for pushing such crap to users. Listening to the users checkout flows, suggesting third party services. Bloating the browser. Seriously, be better and more responsible." "It's deeply shocking this is built into the base Windows OS on billions of devices," writes cybersecurity expert Kevin Beaumont in a tweet. "I feel like I should start a GoFundMe for Microsoft, or teach them how to beg bounty, as clearly they need the money." Read more of this story at Slashdot.

Cyber Monday Online Sales Fall For the First Time Ever Posted: 30 Nov 2021 02:50 PM PST Consumers logged online Monday and spent $10.7 billion, marking a 1.4% decrease from year-ago levels, according to data released Tuesday by Adobe Analytics. This year's tally marks the first time that Adobe has tracked a slowdown in spending on major shopping days. CNBC reports: Despite the slowdown, Adobe expects the entire holiday season will see record-breaking e-commerce activity, as shoppers spread out their dollars over more days. So far, from Nov. 1 through Cyber Monday, consumers in the United States have spent $109.8 billion online, which is up 11.9% year over year, Adobe said. And on 22 of those days, consumers purchased more than $3 billion worth of goods, another new milestone, it said. Adobe anticipates digital sales from Nov. 1 to Dec. 31 will hit $207 billion, which would represent record gains of 10%. Last Cyber Monday, retailers rang up $10.8 billion in sales on the web, as more people stayed home and avoided shopping in retailers' stores due to the ongoing coronavirus pandemic. It marked a record day for e-commerce purchases in the U.S. The slight deceleration in online spending follows a similar pattern that played out on Thanksgiving Day and on Black Friday this year, as shoppers appeared to have spread out their dollars onto more days rather than squeezing their shopping into "Cyber Week." Retailers rang up $8.9 billion in sales online on Black Friday, down from the record of about $9 billion spent on the Friday after Thanksgiving a year earlier, Adobe said. And on Thanksgiving Day, consumers spent $5.1 billion on the internet, flat from year-ago levels. [...] Shopper traffic on Black Friday was up 47.5% compared with year-ago levels, but was still down 28.3% versus 2019, according to separate data from Sensormatic Solutions. Read more of this story at Slashdot.

FBI Document Shows What Data Can Be Obtained From Encrypted Messaging Apps Posted: 30 Nov 2021 02:10 PM PST An anonymous reader quotes a report from the Record: A recently discovered FBI training document shows that US law enforcement can gain limited access to the content of encrypted messages from secure messaging services like iMessage, Line, and WhatsApp, but not to messages sent via Signal, Telegram, Threema, Viber, WeChat, or Wickr. The document, obtained earlier this month following a FOIA request filed by Property of the People, a US nonprofit dedicated to government transparency, appears to contain training advice for what kind of data agents can obtain from the operators of encrypted messaging services and the legal processes they have to go through. Dated to January 7, 2021, the document doesn't include any new information but does a good job at providing an up-to-date summary of what type of information the FBI can currently obtain from each of the listed services. [...] While the document confirms that the FBI can't gain access to encrypted messages sent through some services, the other type of information they can glean from providers might still help authorities in other aspects of their investigations. The content of the document, which may be hard to read due to some font rendering issues, is also available in the table [embedded in the article]. Of note, the table above does not include details about Keybase, a recent end-to-end encrypted (E2EE) service that has been gaining in popularity. The service was acquired by video conferencing software maker Zoom in May 2020. Read more of this story at Slashdot.

SpaceX's Starlink Is Testing Internet Service for Aircraft Posted: 30 Nov 2021 01:30 PM PST SpaceX's Starlink unit is testing its space-based internet service with several aircraft and wants to offer in-flight connection to airlines "as soon as possible," a company vice president said. From a report: Starlink is in talks with several airlines about offering in-flight broadband connections, Jonathan Hofeller, vice president of commercial sales, said Tuesday on a panel at the Airline Passenger Experience Association gathering in Long Beach, California. That would put the company in direct competition with Viasat, Intelsat SA, Telesat and others. Starlink is producing six satellites a week at its assembly site near Seattle, Hofeller said. It is also moving to a more sophisticated version. Read more of this story at Slashdot.

NASA Postpones Spacewalk Citing 'Debris Notification' for ISS Posted: 30 Nov 2021 12:55 PM PST Nasa has postponed a planned spacewalk outside the International Space Station due to flying "debris," two weeks after Russia blew up one of its own satellites in a missile test that created clouds of zooming shrapnel in orbit. From a report: Washington's space agency did not mention the Russian test in its announcement, but a Nasa official had warned a day earlier of a slightly elevated risk to astronauts due to the 14 November incident. The strike generated thousands of pieces of "space junk" that are now hurling around the Earth at about 17,000 mph (27,400km/h) -- much faster than the speed of a bullet. At that velocity, even tiny flecks of paint can damage spacecraft, with spacesuits even more vulnerable. On Tuesday, about five hours before the astronauts Thomas Marshburn and Kayla Barron were due to venture outside the space station, Nasa said on Twitter that the spacewalk to fix a failed antenna had been cancelled. "Nasa received a debris notification for the space station. Due to the lack of opportunity to properly assess the risk it could pose to the astronauts, teams have decided to delay the 30 November spacewalk until more information is available," it tweeted. Moscow has said its test to destroy its own spacecraft, Tselina-D, which had been in orbit since 1982, was successful and the debris posed no "threat to space activity." Read more of this story at Slashdot.

Biden Administration Makes First Move on Data Privacy Posted: 30 Nov 2021 12:14 PM PST The Biden administration is launching its first big effort on privacy policy by looking at how data privacy issues affect civil rights. From a report: The National Telecommunication and Information Administration (NTIA), the telecom unit of the Commerce Department, plans to hold "listening sessions" and seek comment on the intersection of privacy, equity and civil rights, according to an agency notice. NTIA intends to develop a report on the "ways in which commercial data flows of personal information can lead to disparate impact and outcomes for marginalized or disadvantaged communities." The agency noted that data collection can lead to harm through discriminatory targeted advertising or via software that uses race as a factor in predicting academic success, as detailed by a report in The Markup. Read more of this story at Slashdot.

Barbados, Formally Casting Off the Queen, Becomes a Republic Posted: 30 Nov 2021 11:25 AM PST In the early hours of Tuesday, at a ceremony attended by hundreds of masked officials, a prince and at least one pop star, the Caribbean island of Barbados became a republic, cutting ties with Queen Elizabeth II and casting off the last major vestige of its colonial past. The New York Times: The nation swore in its first president, Sandra Mason, a former governor general who had been appointed by the queen. A 21-gun salute rang out as the national anthem played. The red, yellow and navy blue royal flag was lowered -- exactly 55 years after the country gained independence from Britain. "Today, debate and discourse have become action," Ms. Mason, 72, told the onlookers gathered in the capital, Bridgetown. "Today, we set our compass to a new direction." Ms. Mason received a majority vote in Parliament in October to take on the role. In a speech afterward, Prime Minister Mia Mottley said: "We believe that the time has come for us to claim our full destiny. It is a woman of the soil to whom this honor is being given." The island nation, a democracy of about 300,000 people, announced in September that it would remove Queen Elizabeth as head of state, the latest Caribbean island to do so. It joined Guyana, which gained independence in 1966 and became a republic in 1970; Trinidad and Tobago, which became independent in 1962 and a republic in 1976; and Dominica, which gained full independence as a republic in 1978. Australia, Canada, Jamaica, New Zealand and Papua New Guinea are among the nations that still call the queen their head of state. Barbados will remain part of the Commonwealth, a voluntary association of 54 countries with roots in the British Empire. Read more of this story at Slashdot.

Amazon Launches Preview of New 'AWS Private 5G' Managed Service Posted: 30 Nov 2021 10:46 AM PST At Amazon's AWS re:Invent conference this morning, the company announced the preview of "AWS Private 5G," which is a new service that aims to make it easy to deploy and manage your own private global network. From a report: The launch is meant to address the challenges companies are facing with leveraging 5G. AWS CEO Adam Selipsky said that with AWS Private 5G, you can set up and scale a private mobile network in days instead of months. "You get all the goodness of mobile technology without the pain of long planning cycles, complex integrations and the high upfront costs," Selipsky stated during the company's keynote. "You tell us where you want to build your network and specify the network capacity. We ship you all the required hardware, the software and the SIM cards." Read more of this story at Slashdot.

Facebook's David Marcus, Creator of Embattled Diem Project, To Leave Company Posted: 30 Nov 2021 10:03 AM PST David Marcus, one of the top executives at Meta Platforms and the co-creator of the yet-to-be-launched Diem digital currency, is leaving the company after seven years to pursue other projects. From a report: Marcus, who joined the Facebook parent company in 2014 from PayPal Holdings, ran the Messenger service for years before moving over to form the company's blockchain division in 2018. He spent the last few years building Novi, the company's digital wallet that launched in October, and co-founded Diem, a digital currency formerly known as Libra that was intended as a way for people to send money cross-border. Getting Diem off the ground has proven to be a struggle for Meta and Marcus. Since the project was unveiled in 2019 -- with great fanfare and dozens of partners -- the currency's debut has been delayed and its original ambitions have been scaled back. Diem faced pushback from lawmakers and regulators when it was announced, and while Meta is still a partner on the effort, Diem is now run independently. Marcus's departure adds more uncertainty to Meta's digital payment push, but the longtime entrepreneur and angel investor says he has an itch to create something outside the company. Read more of this story at Slashdot.

Twitter Expands Safety Policy, Bans Posting Images of People Without Their Consent Posted: 30 Nov 2021 09:25 AM PST Twitter updated its private information safety policy this morning to ban sharing images or videos of private individuals without their consent. From a report: The platform already banned users from sharing others' personal information without permission, like their address or location, identity documents, non-public contact information, financial information or medical data. But this update makes these anti-harassment and anti-doxxing policies more robust. This doesn't mean that Twitter will require consent from all individuals in a photo or video before its posted. But if a person depicted wants the media taken down, Twitter will take it down. Read more of this story at Slashdot.

You are subscribed to email updates from Slashdot. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States