Facebook may crack down on Russian government accounts to fight disinformation

Facebook says it’s eyeing new ways to limit the influence of official Russian government accounts as it sees a surge in cyber espionage and “covert influence operations” tied to “government-linked actors” from Russia and Belarus.

Facebook’s security researchers shared the update as part of the company’s first quarterly adversarial threat report, which detailed its latest efforts to prevent its platform from being exploited amid Russia’s invasion of Ukraine.

During a call with reporters, Meta’s President of Public Policy Nick Clegg said that the company has seen an uptick in state-backed disinformation and other efforts to sow misinformation. “Since Russia’s invasion of Ukraine, we’ve seen attacks on internet freedom and access to information intensified,” Clegg said. “It’s manifested itself in two ways: One focus is on pushing state propaganda through state-run media, influence operations and espionage campaigns. And the other aimed at closing down the flow of credible information.”

Clegg added that the company is considering new steps to prevent official government accounts from spreading disinformation, but didn’t elaborate. Though Facebook has been demoting Russian state media outlets since March, the company hasn’t had a clear strategy for addressing misinformation and lies about the war from official government accounts. Up to know, it’s taken one-off actions against specific posts, like when an account belonging to Russia’s UK embassy falsely claimed a photo of a hospital bombing was staged.

Now Facebook is apparently considering how it can better prevent these accounts from spreading misinformation, said Clegg, who has previously been a vocal defender of Facebook’s policy against fact-checking politicians. “We are actively now reviewing additional steps to address misinformation and hoaxes coming from Russian government pages,” Clegg said.

Official pages are just one area of concern for Facebook though. In its report, Facebook security researchers detailed several influence operations and other campaigns to manipulate its platform in favor of pro-Russian interests and disinformation.

“For example, we detected and disrupted recidivist CIB [coordinated inauthentic behavior] activity linked to the Belarusian KGB who suddenly began posting in Polish and English about Ukrainian troops surrendering without a fight and the nation’s leaders fleeing the country on February 24, the day Russia began the war,” they wrote in the report. “On March 14, they pivoted back to Poland and created an event in Warsaw calling for a protest against the Polish government. We disabled the account and event that same day.”

The company also said it saw renewed activity from Ghostwriter, an entity that uses phishing attacks on email accounts to take over its targets’ social media accounts. Facebook previously said Ghostwriter targeted a handful of Ukrainian journalists, military officials and other public figures at the start of the war. This time, Ghostwriter “attempted to hack into the Facebook accounts of dozens of Ukrainian military personnel,” Facebook wrote. “In a handful of cases, they posted videos calling on the Army to surrender as if these posts were coming from the legitimate account owners. We blocked these videos from being shared.”

Facebook also spotted renewed activity from Russia’s Internet Research Agency, the troll farm behind Russia’s 2016 election interference campaign that’s made repeated attempts to get back on Facebook in recent years. Facebook said their attempts to make new accounts on the platform were “unsuccessful” and appeared to be trying to drive traffic to a separate website that “blamed Russia’s attack on NATO and the West and accused Ukrainian forces of targeting civilians.”

Finally, Facebook also said it has removed “tens of thousands’ ‘ of accounts, pages and groups for using spammy and misleading tactics in an attempt to profit off the war in Ukraine. These efforts included meme pages posing as on-the-ground reports from Ukraine as well as spammers trying to sell merch or lure people to outside websites for ad revenue.

Google is clamping down on out-of-date Android apps

Google has unveiled new policies for the Play Store that will effectively bar any existing Android Apps that are significantly out of date. All apps in the Store must target an API level within two years of the latest major Android release, or they won’t be available for discovery or installation, it announced on its Android Developer blog. The aim is to “protect users from installing older apps that may not have these protections in place,” the company said. The changes will go into effect on November 1st, 2022.

Currently, Google requires new apps and app updates to target an Android API level within just one year of the latest Android OS version release. The new changes, by contrast, target existing apps that may not have been updated in a while. Google notes that if you’re running an older device, you’ll “continue to be able to discover, re-install, and use the app on any device running any Android OS version that the app supports.”

Google said the “vast majority” of apps already follow the incoming standard. While that may be true, the Play Store has around 2.87 million apps in total, so there are a no doubt a huge number that need attention. For those that don’t conform, it’s notifying developers and giving them any resources needed to update.

Play has seen a lot of new security measures over the last few years. The most significant came in 2017 when Google launched Play Protect designed to scan for rogue apps with help from machine learning. However, some still get through that pose security risks and violate user privacy. The new policy may help stop a good chunk of those, but as we all know by now, it will never catch them all

The Morning After: OpenAI’s DALL·E 2 is imagination meets AI image generation

The OpenAI consortium has unveiled the next iteration of DALL·E, a multimodal AI that could generate rudimental, low-res images from a text-based prompt. This time around, the system is capable of generating images at higher resolution and with lower latency than the original. They’re also eminently more shareable and impressive — check the AI’s Instagram account right here.

TMA
OpenAI

DALL·E 2 uses OpenAI’s CLIP image recognition system and adds the ability for users to edit the results. They can now select and edit areas of existing images, add or remove elements, mash together two images into a single collage and generate further variations of an existing image. What’s more, the output images are 1,024 pixel squares, up from the 256 x 256-pixel canvases generated by the original version. Unlike the first, which anybody could play with on the OpenAI website, this new version is currently limited to vetted partners who are also constrained in their uploads and creations. The consortium is trying to keep it all family-friendly, too.

Anyone interested in collaborating with DALL·E 2 can register for the waitlist here.

— Mat Smith

The biggest stories you might have missed

The Peloton Guide wouldn’t let me skip a single push-up

The connected camera is a simple but persistent workout monitor.

TMA
Engadget

Peloton’s Guide, a $295 movement-tracking camera that brings strength training to the company’s fitness offering, is finally available to purchase. Before you do that, check out some early first impressions. For people like me, who loathe cardio, it could be a high-tech way to add some scrutiny and guidance to your bodyweight (and weight-lifting) workouts. Expect the detailed, polished interface of a Peloton product, even if I wish the Guide could share a little more, well, guidance.

Continue reading.

Police reports suggest a larger pattern of AirTag stalking

Fifty women in eight jurisdictions called the cops about unwanted trackers.

A report from Motherboard, based on police data, suggests that bad actors are using Apple’s AirTag to track people without their consent. Motherboard received 150 reports from eight police departments and found that, in 50 cases, women called the cops after receiving notifications suggesting someone was tracking them with an AirTag or they heard the device chiming. Half of those women suspected the tags were planted in their car by a man they knew, such as a current or former romantic partner or their boss.

Continue reading.

ESPN aired last night’s Nets and Knicks game with decade-spanning classic graphics

To mark the NBA’s 75th anniversary.

On November 1st, 1946, the Toronto Huskies and New York Knicks played what is now considered the first game in NBA history. With the league celebrating its 75th birthday this season, ESPN took fans down memory lane, with ESPN2 broadcasting an alternative presentation of the game with in-game graphics from past NBA broadcasts. These spanned 1960s on ABC, the 1970s and 1980s on CBS and the 1990s on NBC, each represented during the game with graphics changing between quarters.

Continue reading.

MLB will fight cheating with an electronic pitch-calling system

PitchCom could prevent opposing teams from stealing signs.

Baseball catchers have long signaled pitches with their fingers, but that could soon become a thing of the past in the big leagues. Major League Baseball has approved a system for catchers to send directions to their pitchers electronically. The PitchCom system centers around a sleeve catchers wear on their forearm. They can press buttons to identify the pitch type and location. The pitcher hears the call through a bone-conduction listening device. The channels are encrypted and teams can program codewords to replace terms like “fastball” or “curveball.” It all sounds delightfully espionage heavy. I love it.

PitchCom will be optional, and teams can still use traditional hand signals if they wish. However, according to AP, around half of MLB teams have expressed interest in using the new system.

Continue reading.


Anker says its first 3D printer is built for speed.

It’s a little different to a power bank.

The AnkerMake M5 is the company’s first 3D printer, and Anker claims the M5 should prototype creations faster, while also offering a slower, smoother finish when needed.

The AnkerMake M5 has a basic print speed of 250 mm/s² for more detailed projects that need a smooth finish. However, the printer also has a much speedier mode that hits 2,500 mm/s². The end result is rougher and less detailed, but Anker says it enables the M5 to reduce average print times by up to 70 percent compared to other printers. The company isn’t entirely on board: For now, it’s a Kickstarter project, and you can back it for an early bird price of $429. After that, you’ll have to pledge at least $499 to grab the printer.

Continue reading.

The FBI silently removed Russian malware to thwart global cyberattacks

Attorney General Merrick B. Garland has revealed that the United States secretly removed malware from computer networks around the world over the past few weeks to pre-empt Russian cyberattacks. As The New York Times reports, Garland’s announcement comes shortly after the White House warned companies that Russia could attack critical infrastructure in the country, such as financial institutions and the electric grid. Apparently, the malware the US removed enabled the intelligence arm of the Russian military called the GRU to create botnets out of the infected computer networks. 

According to the Justice Department, the malware was designed to infect firewalls and made the compromised networks part of a botnet called Cyclops Blink. It’s controlled by Sandworm, a notorious group that the US government had previously connected to the GRU. Cyclops Blink is Sandworm’s latest known botnet, and it only came to light back in February. It’s still unclear what Russia was planning to do with the hijacked computers, but botnets are typically used to perform large-scale Distributed Denial of Service (DDoS) attacks, as well as to send spam and to compromise sensitive information. 

In its press release, the DOJ said the FBI notified owners of infected devices in the US before Cyclops Blink was identified in February 23rd. It also notified companies outside the country through local law enforcement partners. However, US authorities didn’t want to wait to find out what the botnet would be used for. 

The Justice Department and the FBI obtained secret court orders in the US and secured the help of governments worldwide to quietly remove the malware from infected devices. Those court orders even gave them the power to remotely remove the malware from American companies’ networks without their knowledge. After the feds disinfected the compromised machines, they also closed the external management ports Sandworm was using for access.

Over the past months, the Biden administration has been exposing as much intelligence on Russia as possible without giving away its actions to catch Putin off guard. This disclosure is just its latest effort to send a message to the Russian president. The fact that Sandworm infiltrated networks around the world to create a botnet just shows, however, that there’s a cyber warfare going on that might end up affecting countries other than Ukraine. If you’ll recall, a major cyberattack took down Ukraine’s government websites before the Russian invasion of the country began. Ukraine’s government, as well as US and UK authorities, blamed the attacks on the GRU.

Volvo says all its new vehicles now support over-the-air updates

Volvo now offers over-the-air (OTA) software updates across its entire vehicle lineup, it announced. After first introducing it on all-electric models like the XC40, it’s bringing the feature over to all new XC90, S60 and V60 ICE and hybrid vehicles. 

The latest update (Volvo’s eighth so far) will roll out to over 190,000 vehicles this week. Owners will get the latest version of Android Automotive OS with Android 11 on their infotainment systems, with new app categories on Google Play ranging from navigation to charging and parking. Video streaming is expected to arrive later in the year. 

Volvo extends over-the-air software updates to all its vehicles
Volvo S60 interior
Volvo

It also brings feature improvements around energy management, climate timers and mobile app functionality. The energy management updates will help keep the battery temperatures stable in both warm and cold weather to boost range and lower charging times. You’ll also see more frequent charging percentage updates during sessions.

Tesla pioneered over-the-air software updates on its Model S, X, 3 and other vehicles, assuring buyers that their EVs would get features found on newer models. It not only updates the software for entertainment and other systems (SOTA), but also firmware controlling the hardware (FOTA). Most automakers now offer some form of OTA updates, but many (BMW, Audi, Fiat) only deliver SOTA updates to the infotainment systems. 

Others, including GM and Ford, offer more extensive updates to vehicle systems, allowing them to improve range, performance and other factors. Volvo appears to fall into that category, improving not just the navigation and entertainment systems but charging and other features as well. It also promised that the infotainment system, developed jointly with Google, will feature on all new models across its lineup. 

TAG Heuer’s latest golf smartwatch offers more help with your shots

TAG Heuer was virtually certain to follow up its Connected Calibre E4 smartwatch with a version for golf enthusiasts, and it’s now clear you didn’t have to wait long. The watchmaker has introduced a Calibre E4 Golf Edition that melds the updated wristwear with some matching upgrades to your experience on the fairway. Most notably, the brand has overhauled the on-watch map interface to show more of the course and your game, including the distances for the target and tracking shot.

You can also expect automatic shot tracking when you swing at the tee — the feature will eventually come to the Apple Watch app, but it’s worth noting if you’re determined to perfect your drive. If you pair with an iPhone, you can also use TAG Heuer’s iOS app to share 3D videos of your best shots. Like you’d expect, the Golf Edition E4 has its share of game-inspired faces and a strap that not-so-subtly mimics the dimples on your ball.

This is otherwise the titanium 45mm Calibre E4 introduced in February, although that’s plenty if you want a reasonably current Wear OS watch. You’ll find a Snapdragon Wear 4100+ chip that promises both faster performance and 30 percent more battery life than previous models. An altimeter will help with your hiking trips, and the brighter screen will help on sunny golfing days. TAG Heuer should upgrade the watch to Wear OS 3 when it’s available.

The Connected Calibre E4 Golf Edition will be available this month for $2,650 with three Titleist balls and a spare marker in the box. That’s more than the regular titanium E4 ($2,550) and well above the $1,800 ‘entry’ price for the watch range. But let’s be honest: if you’re even considering a TAG Heuer smartwatch and already devote your weekends to golf, you can likely afford to pay the premium for this variant.

Google pulls apps that may have harvested data from millions of Android devices

Google has pulled dozens of apps used by millions of users after finding that they covertly harvested data, The Wall Street Journal has reported. Researchers found weather apps, highway radar apps, QR scanners, prayer apps and others containing code that could harvest a user’s precise location, email, phone numbers and more. It was made by Measurement Systems, a company that’s reportedly linked to a Virginia defense contractor that does cyber-intelligence and more for US national-security agencies. It has denied the allegations.

The code was discovered by researchers Serge Egelman from UC Berkeley and the University of Calgary’s Joel Reardon, who disclosed their findings to federal regulators and Google. It can “without a doubt be described as malware,” Egelman told the WSJ

Measurement Systems reportedly paid developers to add their software development kits (SDKs) to apps. The developers would not only be paid, but receive detailed information about their user base. The SDK was present on apps downloaded to at least 60 million mobile devices. One app developer said it was told that the code was collecting data on behalf of ISPs along with financial service and energy companies. Measurement Systems also said it wanted data mainly from the Middle East, Central and Eastern Europe and Asia. 

“A database mapping someone’s actual email and phone number to their precise GPS location history is particularly frightening, as it could easily be used to run a service to look up a person’s location history just by knowing their phone number or email, which could be used to target journalists, dissidents, or political rivals,” Reardon said in the AppCensus research blog.

Though Google has pulled those apps from the Play Store, the researchers noted that they still exist on millions of devices. At the same time, they found that the SDK stopped collecting user data after their findings were revealed.

The Measurement Systems domain was registered by a company called Volstrom Holdings Inc., which deals with the federal government through a subsidiary called Packet Forensics LLC. A company called Measurement Systems S de R.L. “also listed two holding companies as officers, both of which share a Sterling, Va., address with people affiliated with Volstrom,” the WSJ noted. 

In a statement, Measurement Systems told the WSJ by email that “the allegations you make about the company’s activities are false. Further, we are not aware of any connections between our company and U.S. defense contractors nor are we aware of… a company called Vostrom. We are also unclear about what Packet Forensics is or how it relates to our company.”

‘Mario Golf’ will join Nintendo’s Switch Online Expansion Pack on April 15th

You can already play Mario Golf on the Switch thanks to Super Rush, but soon you’ll also be able to play the original game that started the series if you’re feeling nostalgic. Nintendo is giving Switch Online subscribers paying extra for the Expansion Pack tier access to the first Mario Golf published in 1999. 

The Nintendo 64 game lets you choose from characters that include Mario, his friends and allies, as well as his enemies, and play golf on Mario-themed courses. It has several gameplay modes, such as Tournament, Speed Golf and Mini Golf, though it was developed to be easy to play, even for kids. 

Nintendo launched the Switch Online Expansion Pack in October 2021 as a higher tier subscription that costs $50 a year. That’s $30 more than an individual basic subscription, but it will give you access to classic N64 and Sega Genesis games. The basic subscription only includes access to Nintendo’s NES and SNES titles. 

While the gaming giant launched the service with a limited number of games, it has added quite a few more since then. They include the original Paper Mario, Banjo-Kazooie and The Legend of Zelda: Majora’s Mask. Nintendo has also rolled out some improvement updates that fix several emulation issues plaguing the service since its debut, such as bad input lag.

The original Mario Golf will be available to Expansion Pack members on April 15th. 

The SEC is reportedly investigating Amazon over its use of third-party seller data

Back in 2020, a Wall Street Journal report revealed that Amazon employees routinely used data collected from third-party sellers to launch competing products for the company’s private-label business. The US Congress is already investigating the e-commerce giant over that practice, and according to The Journal, so is the Securities and Exchange Commission. Apparently, the SEC is looking into how Amazon disclosed its business practices, including how its employees used data for its private-label brands

As The Journal notes, the SEC is in charge of regulating how publicly traded companies communicate with their investors. It can impose fines and other enforcement actions against them if it finds that they had failed to disclose important business information to investors in a timely manner. As part of the probe, which has reportedly been underway for over a year now, the SEC asked for emails and other communications from several senior Amazon executives.

After the original report from The Journal came out, Amazon denied that it uses third-party seller data to launch competing products. It launched an internal investigation of its private-label division, but it refused to provide Congress a copy of its results. Last month, the House Judiciary Committee asked the Department of Justice to launch another investigation into Amazon over a possible criminal obstruction

The committee said back then that the company refused to turn over business documents and communications “to conceal the truth about its use of third-party sellers’ data to advantage its private-label business and its preferencing of private-label products in search results.” As you’d expect, an Amazon spokesperson denied that’s the case and referenced the “huge volume of information [the company has] provided over several years of good-faith cooperation with this investigation.”

Mark Zuckerberg thinks this looks like a home office

Meta CEO Mark Zuckerberg — a real, human man who works — understands the plight of those who work remotely. The 37-year-old founder of one of the world’s largest companies is actually working remotely as you read this. But unlike you or me, Zuckerberg’s home office is in the metaverse. Zuckerberg on Facebook today teased an upcoming software update to the Quest 2’s Horizon Home that includes a home office space. It looks kind of like a Blue Bottle Coffee, or maybe a dentist’s office. But it’s in VR, you see.

It’s becoming glaringly clear that Zuckerberg wants the future of work to look like the world’s most boring VR video game. It’s less boot stamping on a human face forever, and more expensive, inconvenient solution in search of a problem. According to Zuckerberg, workers can use the metaverse office to take “Messenger calls, read emails or work on your next big project.” It’s also true that most of us can do those tasks just fine on our computers. But imagine the productivity boost you’ll get doing all these mundane tasks while strapped to a Quest 2 headset!

Meta’s Horizon, for those who don’t know, is a group of three social VR apps that rolled out last December. It includes Horizon Worlds (user-created experiences), Horizon Venues (sports and concerts) and Horizon Workrooms (work). They resemble 3D social playplaces, where users create their own avatars and interact with each other (all the while keeping a four-foot personal boundary from each other.) As of February, Worlds and Venues had around 300,000 users, against an estimated 10 million Quest 2 headsets sold. Dismal numbers, some might say. A company spokesperson would not disclose many people — including Meta employees — currently use Workrooms in any capacity.

Working in VR is still a relatively novel concept, mostly because it’s been terrible so far. If you’re curious about what kind of work applications are available in VR for Quest 2, there are still only a handful — two of which are Facebook and Instagram (both in beta). There are also apps for spreadsheets (Smartsheet), visual collaboration (MURAL), email (Spike) and VR versions of Dropbox and Slack.

If you want to know what it feels like to read your emails in VR, Lifewire took one for the team. While reading emails can become grating in the real world, the Quest 2 speedruns the experience and gets “uncomfortable after half an hour.” Spike’s VR app also lacks the ability to attach files to an email, a feature that has been available outside the metaverse since 1998.

While Workplaces might seem to an outsider like a complicated, physically nauseating way to perform tasks most people already hate doing, what matters most is how the product is being received by Meta’s audience.

“I really don’t see the point of it? Why would you need to do office work in a virtual world? It looks great for sure, but that’s about it,” wrote one user in the comments to Zuckerberg’s post.

From another enthused user: “How primal and old-fashioned. It looks like the futuristic spaces of the 80’s lol. Who in their right mind will waste their time on this.”

As dubious as a VR-enabled workspace may be, there’s still more interest than ever in all that virtual reality entails. IDC reported that more than 11.2 million VR/AR headsets were sold in 2021, a 92.1 percent increase from the year prior. The newly rebranded Meta Quest 2 (formerly known as the Oculus Quest 2) hit stores this week. The Quest 2 is currently the world’s best-selling VR headset, but that could change when Sony, Apple and other tech giants enter the space.

While we can’t know for sure how much Meta has spent developing digital cubicles specifically, the company plans to sink at least $10 billion in metaverse projects this year alone. For reference, WeWork —essentially a mass subletter of actual, physical offices — went public on a valuation of $9 billion — although simply buying up companies may no longer be a viable growth strategy.