ICYMI: Password Reuse Rooted In 23andMe Data Breach

by Paul Arnote (parnote)

A new study in mice found limited intakes of one particular essential amino acid slowed the impacts of aging and even lengthened their lifespan, according to an article from Science Alert. Scientists are now wondering if these findings could help people improve their longevity and quality of life. Isoleucine is one of three branched-chain amino acids we use to build proteins in our bodies. It is essential for our survival, but since our cells can't produce it from scratch, we have to get it from sources like eggs, dairy, soy protein and meats.

Surprise! Surprise! Attention Chrome and Chromium-browser users: Your internet activity is vulnerable to cyberattacks, unless you update to the latest version of your browser, according to an article from Lifehacker. On November 28, 2023, Google announced on their Chrome Releases blog that a new version of Chrome, 119.0.6045.199 for Mac and Linux and 119.0.6045.199/.200 for Windows, is available, and patches seven different security vulnerabilities. All of these discovered issues are rated as "high" in severity, but Google only names six of them.

Do you want to know if the "research" that you are reading is valid or just bunk? That is the premise covered by an article from The Atlantic. With so, so many "research papers" released every year, it can be difficult to separate the wheat from the chaff, so to speak.

In an article from the New York Times, a data breach at 23andMe affects 6.9 million profiles, the company says. Hackers were able to obtain access because some customers reused old passwords, the genetic testing company said. The compromised data, in some cases, included ancestry trees, birth years and geographic locations. And as if I needed yet another reason to steer a wide berth around these genetic data collection "companies." It also reiterates what we've been telling you here in the pages of this magazine for years about the risks of password reuse.

Believe it or not, astronomers "lost" a whole galaxy, according to an article from Mashable. It's hard to imagine astronomers could detect one of these colossal realms with a ground-based telescope, only to peer through a powerful telescope in space and see no trace of its existence — just a deep and endless void of darkness. Scientists first discovered Aztecc71 with a camera on the James Clerk Maxwell Telescope in Hawaii. But when they searched for the galaxy with NASA's Hubble Space Telescope, it had completely vanished. It took the James Webb Space Telescope, the leading infrared space observatory, to win at hide-and-seek. There it was: a faint but distinct galaxy, popping out hundreds of new stars every year.

An article from BBC Future takes a look at what it would take to switch the world's aircraft to running off of renewable biofuels. The biomass required to make biofuel can come from a broad range of sources – plant material, food waste or even algae. While biofuels release CO2 when burned, some consider them a sustainable option because they are renewable and biomass removes some CO2 from the atmosphere as it grows. But … whoa! … the amount of land necessary to keep the world's aircraft aloft is staggering.

ChatGPT provided incorrect or incomplete information when asked about [pharmaceutical] drugs, and in some cases invented references to support its answers, two evaluative studies found, according to an article from MedPage Today.. In the first, 39 questions sent to a drug information service for pharmacists were later posed to ChatGPT, which provided no response, an inaccurate response, or an incomplete response to 74% of them. In the second study, ChatGPT missed at least half of established side effects for 26 of 30 FDA-approved drugs.

Hundreds of Windows and Linux computer models from virtually all hardware makers are vulnerable to a new attack that executes malicious firmware early in the boot-up sequence, a feat that allows infections that are nearly impossible to detect or remove using current defense mechanisms, according to an article from Ars Technica (and other news outlets). The attack—dubbed LogoFAIL by the researchers who devised it—is notable for the relative ease in carrying it out, the breadth of both consumer- and enterprise-grade models that are susceptible, and the high level of control it gains over them. In many cases, LogoFAIL can be remotely executed in post-exploit situations using techniques that can't be spotted by traditional endpoint security products. And because exploits run during the earliest stages of the boot process, they are able to bypass a host of defenses, including the industry-wide Secure Boot, Intel's Secure Boot, and similar protections from other companies that are devised to prevent so-called bootkit infections.

Unidentified governments are surveilling smartphone users via their apps' push notifications, a U.S. senator warned on Wednesday, according to an article from Reuters. In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from Alphabet's Google and Apple. Although details were sparse, the letter lays out yet another path by which governments can track smartphones. Apps of all kinds rely on push notifications to alert smartphone users to incoming messages, breaking news, and other updates. These are the audible "dings" or visual indicators users get when they receive an email or their sports team wins a game. What users often do not realize is that almost all such notifications travel over Google and Apple's servers.

A number of popular mobile password managers are inadvertently spilling user credentials due to a vulnerability in the autofill functionality of Android apps, according to an article from TechCrunch. The vulnerability, dubbed "AutoSpill," can expose users' saved credentials from mobile password managers by circumventing Android's secure autofill mechanism, according to university researchers at the IIIT Hyderabad, who discovered the vulnerability and presented their research at Black Hat Europe this week.

In November of 2020, a freak wave came out of the blue, lifting a lonesome buoy off the coast of British Columbia 17.6 meters high (58 feet), according to an article from ScienceAlert. The four-story wall of water was finally confirmed in February 2022 as the most extreme rogue wave ever recorded at the time. Once thought to be relegated to nautical folklore, scientists got a wake-up call in 1995, when they detected a nearly 26-meter-high rogue wave (85 feet) that suddenly struck an oil-drilling platform roughly 160 kilometers (100 miles) off the coast of Norway.

Thirty years ago, a botanist in Germany had a simple wish: to see the inner workings of woody plants without dissecting them. By bleaching away the pigments in plant cells, Siegfried Fink managed to create transparent wood, and he published his technique in a niche wood technology journal, according to an article from Ars Technica. The 1992 paper remained the last word on see-through wood for more than a decade, until a researcher named Lars Berglund stumbled across it. Berglund was inspired by Fink's discovery, but not for botanical reasons. The materials scientist, who works at KTH Royal Institute of Technology in Sweden, specializes in polymer composites and was interested in creating a more robust alternative to transparent plastic. And he wasn't the only one interested in wood's virtues. Across the ocean, researchers at the University of Maryland were busy on a related goal: harnessing the strength of wood for nontraditional purposes.

Happy 30th birthday, Doom. Undoubtedly one of the most immediately recognizable, important and best FPS games of all time, you probably don't need to be told why you should play it. To celebrate 30 years since the first game launched on December 10, 1993, the game's co-creator John Romero released Sigil 2, his second such expansion for the iconic game, according to an article from PCGamesn. Sigil 2 follows on from Romero's previous Sigil, released in 2019 as a spiritual successor to the fourth episode of The Ultimate Doom. The new Megawad (the traditional name for a pack including a total of 15 or more levels) is described as an "unofficial sixth episode" and is now available as a free add-on for the iconic FPS game. Sigil 2 is out now. If you want to play it, you can get it now as a free download via John Romero's website. You'll need to own a copy of the original Doom, and Romero himself recommends GZDoom as the ideal way to play it. You can also head to his site to buy Sigil 2 with an accompanying soundtrack from Thorr made for the game or get a full boxed edition of the new campaign with some spectacular artwork and additional goodies.

Hackers are always finding new ways to break into your devices. A troubling new vulnerability in iOS now allows hackers to spy on you through your keyboard, according to an article from Fox News. Certo Software released a report revealing how cybercriminals are avoiding Apple's stringent security measures to steal your information. Essentially what hackers are doing is installing a third-party keyboard that features a keylogger into your iPhone. They will disguise that keylogger in a small app and use Apple's TestFlight tool for app developers to bypass Apple's security checks. Hackers are hoping you download those apps and turn over your own information.

Engineers and major companies are pushing a technology that they say could make the web feel dramatically faster, according to an article from The Verge. The good news is that there's a plan to almost eliminate latency, and big companies like Apple, Google, Comcast, Charter, Nvidia, Valve, Nokia, Ericsson, T-Mobile parent company Deutsche Telekom, and more have shown an interest. It's a new internet standard called L4S that was finalized and published in January, and it could put a serious dent in the amount of time we spend waiting around for webpages or streams to load and cut down on glitches in video calls. It could also help change the way we think about internet speed and help developers create applications that just aren't possible with the current realities of the internet.

Researchers have demonstrated a programmable nano-scale robot, made from a few strands of DNA, that's capable of grabbing other snippets of DNA, and positioning them together to manufacture new UV-welded nano-machines – including copies of itself, according to an article from New Atlas. The robots, according to New Scientist, are created using just four strands of DNA, and measure just 100 nanometers across, so about a thousand of them could squeeze up into a line the width of a human hair. The team, from New York University, the Ningbo Cixi Institute of Biomechanical Engineering, and The Chinese Academy of Sciences, says the robots surpass previous efforts, which were only able to assemble pieces into two-dimensional shapes. The new bots are able to use "multiple-axis precise folding and positioning" to "access the third dimension and more degrees of freedom." These nano-bots are often viewed as potential ways of manufacturing drugs, enzymes and other chemicals, potentially inside the cells of the body. But the researchers specifically call out the fact that these machines can "self-replicate its entire 3D structure and functions."

Bill Gates said he was originally expecting the internet to make the world a more fact-based, rational place, but has come to realize it's become a tool for disinformation and "crazy ideas," according to an article from Business Insider. "I will admit, the people who drove the digital revolution, including myself, really thought that the world would get more rational," Gates said at a fireside chat on December 7, 2023, in New York. Keep in mind that this is the same guy who once said that no one would ever need more than 640KB of RAM, too.

A "consumer alert" from the U.S. Federal Trade Commision (FTC) is advising consumers to be wary when scanning QR codes Scammers have been "discovered" replacing valid QR codes with fake QR codes, routing users to fake websites all in an effort to steal personal and private information. You can read the FTC advisory on their website.

The skull of pliosaur, a massive prehistoric sea predator, was discovered in the UK, along what is commonly referred to as England's "Jurassic Shore" along the cliffs of Dorset, according to an article from USA Today, and many other media outlets. It is thought to be the most complete pliosaur skull ever discovered. The perilous mission to recover the fossilized skull of the prehistoric pliosaur will be documented in an upcoming BBC film narrated by David Attenborough.

Meanwhile, according to an article from Earth.com, researchers have unearthed a new mosasaur in Japan, the "blue dragon," that rivals the size of a great white shark, dating back 72 million years. This ancient marine predator, given the Japanese name Wakayama Soryu, offers new insights into the prehistoric seas of the Pacific.

The stomach of the teenage tyrannosaur Gorgosaurus libratus is a gift that keeps on giving, according to an article from Popular Science. A team of paleontologists in Canada found the remains of two meals preserved inside of its stomach cavity, including the partially digested drumsticks of two birdlike dinosaurs. The findings were described in a study published December 8 in the journal Science Advances and is the first known time that well-preserved gut continents have been discovered in a fossilized tyrannosaur.

Is there life beyond Earth? The question has turned out to be one of the hardest to answer in science, according to an article from Space.com. Despite the seemingly boundless expanse of the universe, which implies there's potential for abundant life, the vast distances between stars render the search akin to locating a needle in a cosmic haystack. The Search for Extraterrestrial Intelligence (SETI) constitutes a branch of astronomy dedicated to finding extraterrestrial life by searching for unusual signals, dubbed technosignatures. The identification of a technosignature wouldn't just signify the existence of life, but specifically point to the presence of intelligent life using advanced technology. Previous technosignature surveys have included only the radio frequency band above 600 MHz, leaving lower frequencies virtually unexplored. That's despite the fact that everyday communication services such as air traffic control, marine emergency broadcasting and FM radio stations all emit this type of low-frequency radiation on Earth.

Google announced this week that it will be making several important changes to the way it handles users' "Location History" data, according to an article from the Electronic Frontier Foundation, a.k.a. EFF. These changes would appear to make it much more difficult—if not impossible—for Google to provide mass location data in response to a geofence warrant, a change EFF has been asking Google to implement for years.

It sounds like something you'd hear from your paranoid friend: your devices are listening to you so that companies can market items to you based on your conversations, according to an article from Business Insider. Except that's exactly what a marketing company is bragging about, a new report from 404 Media reveals. Cox Media Group recently gave advertisers an overview of a new technology it calls Active Listening. CMG claimed that its technology can use microphone data from devices like smartphones and tablets, specifically analyzing "pre-purchase conversations." The since-deleted blog post also mentions using AI to determine when the phrases heard from smart devices could be "relevant" to advertisers.

Years after rival web browsers made the move, Google Chrome on Jan. 4 will begin blocking websites from using third-party cookies, the easiest way to track our online behavior as we move around the web, according to an article from CNET. The browser will block third-party cookies for 1% of users on computers and Android phones, said Anthony Chavez, leader of Google's Privacy Sandbox project, in a blog post. Google will extend the block to all Chrome users by the end of 2024 under a schedule that has been pushed back several times in recent years. The Chrome change, even though it so far only affects a small portion of people, is a momentous change for the web. Cookies, small text files that websites store on phones and PCs, have been used nearly since the dawn of the web, and ejecting them has been tough despite a growing effort to protect privacy online. Chrome is the dominant browser, accounting for 63% of web usage, according to analytics firm StatCounter. Major browser competitors, including Apple Safari, Mozilla Firefox and Brave, began blocking cookies years ago, and Microsoft Edge offers the same with a "strict" privacy setting, but Google moved more slowly.

Are you confused by EXACTLY what is meant by the term "Quantum Computing?" Well, this article from Reuters may help lift some of the confusion. To be honest, while I still found it difficult to wrap my head around the simplified explanation, the article does an excellent job of attempting to demystify the concept.

While many AI companies race to find ways to use the technology to enhance or even create video, Resemble AI is focused on audio fidelity, according to an article on the Decrypt website. The startup—which also offers an AI voice generator for businesses to use to create realistic human–like voice overs—has launched 'Resemble Enhance,' an open-source tool designed to significantly upgrade the quality of historical audio. The new service can take a distorted, fuzzy recording of a long-lost historical speech and then apply AI to make it sound like it was recorded or broadcast yesterday. You can try out Resemble Enhance by visiting its website, or by visiting its official GitHub page.

A press release from Canalys estimates that in the nearly two-year period until Microsoft's official end-of-support date for Windows 10 – 14 October 2025 – roughly a fifth of devices will become e-waste due to incompatibility with the Windows 11 OS. This equates to 240 million PCs. If these were all folded laptops, stacked one on top of another, they would make a pile 600 km taller than [the distance to] the moon. Of course, that's assuming that there's ONLY one OS worthy of those machines. This could turn into quite a boon for Linux users, rescuing still-usable computers from a premature death in landfills around the world. It may be time for some new "curbside shopping" adventures!

Do you want to be able to discern if what you read has been written by AI? That is the premise of an article from Gizmodo. Over the coming short term, this is going to become a burgeoning "skill," as more and more people try to pawn off AI creations as their own, original work. And, the better AI gets, as it's bound to do as it "evolves," the more and more difficult it will become to be able to spot AI-generated anything. Trust me … nothing about this article (or anything else that appears in The PCLinuxOS Magazine, for that matter … as far as I am aware) is AI-generated. And when it is (so far, only images), we are up front about it.

A groundbreaking study led by researchers at the University of Pittsburgh School of Medicine has unveiled a previously unknown class of antibodies with the potential to neutralize various forms of the flu virus, according to an article from the Jerusalem Post. The findings, published in the open-access journal PLOS Biology on December 21, 2023, mark a significant step toward the development of more universally protective flu vaccines.

Another month, another zero-day Google Chrome vulnerability. The latest update for Google Chrome — version 120.0.6099.129 for Mac and Linux, and versions 120.0.6099.129/130 for Windows — patches just one security flaw, but that doesn't mean you should ignore it, according to an article from Lifehacker. The flaw, tracked as CVE-2023-7024, is a heap buffer overflow in WebRTC, a platform that adds communication features like video and audio without the need for plugins.