Connect with us

Biz & IT

Politiscope, an app to track Congressional voting records and bills, launches on Android devices

Published

on

Last September, two former National Football League players launched an app called Politiscope to track the voting records of members of Congress and the bills that they were introducing — and provide non-partisan information about what those bills and votes would mean to voters.

The pro-football-playing brothers, Walter Powell Jr. and Brandon Williams, launched the app to provide an accurate accounting of what Congressional leadership was doing — something the two felt was necessary given the political climate and the ways in which the traditional sources of education on political issues were being called into question.

“A claim of ‘Fake News’ from the current national leaders in response to unflattering news threatens this nation’s democracy and the concept that this great nation was built upon,” said Powell in a statement when the app first launched in September.

Now the two brothers are expanding Politiscope’s reach by launching the Android version of the service.

While the scope of Politiscope may be expanding, the brothers make clear that the company’s mission is still the same. To provide unbiased information sourced from places like the Congressional Budget Office, the Library of Congress, and the Pew Research Center.

Politiscope has two main features in the app.

The first is its “Today in Congress” section, which provides information on all of the proposed legislation that’s making its way through the House of Representatives and the Senate. The app summarizes the bills and gives statements from Republicans and Democrats on how they view the bill that’s been proposed.

The second feature is its profiles of elected officials. The profiles include voting records, business records and other information culled from Federal records and publicly available information to give voters a clear picture of their representatives in government based solely on data.

“Unless you’re studying the actual legislation, it’s almost impossible to find a good source of political information that isn’t at least somewhat slanted, either to the right or the left,” says Powell. “Today’s media is becoming more and more widely split along liberal and conservative lines, and political rhetoric is growing increasingly devoid of clear and objective information. Politiscope exists to eliminate bias and help people understand what’s actually going on in the world of U.S. politics.”

Source link

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Biz & IT

Verizon has been leaking customers’ personal information for days (at least)

Published

on

Enlarge / A Verizon FiOS truck in Manhattan on September 15, 2017.

Verizon is struggling to fix a glitch that has been leaking customers’ addresses, phone numbers, account numbers, and other personal information through a chat system that helps prospective subscribers figure out if Fios services are available in their location.

The personal details appear when people click on a link to chat with a Verizon representative. When the chat window opens, it contains transcripts of conversations that other customers, either prospective or current, have had. The transcripts include full names, addresses, phone numbers, account numbers (in the event they already have an account), and various other information. Some of the transcripts viewed by Ars date back to June. A separate Window included customers’ addresses, although it wasn’t clear who those addresses belonged to.

“Hi—I’m looking to get the teacher discount for Fios,” one person wrote on November 29. Below are redacted screenshots of some of what has been available.

Ars learned of the leak on Monday afternoon and alerted Verizon representatives immediately. The plan was to report the leak only after it had been fixed. As this post went live, the leak was still occurring, although the number of exposed chats had lessened. Ars decided to report the leak to alert people who may use the service that this data is being exposed. It’s not clear when Verizon began leaking the data. With some of the chats dating back to June, it’s possible that the leak has been occurring for months.

In a statement issued Thursday morning, Verizon said:

We’re looking into an issue involving our online chat system that assists individuals who are checking on the availability of Fios services. We believe a small number of users may have seen a name, phone number, and/or a home or building address from an unrelated individual who had previously used this chat system to enter that information. Since the issue was brought to our attention, we’ve identified and isolated the problem and are working to have it resolved as quickly as possible.

It’s not the first time Verizon has spilled customer information. In 2016, a database of more than 1.5 million Verizon Enterprise Solutions customers was put up for sale on an online crime forum. Verizon said at the time that a “security flaw in its site [had] permitted hackers to steal customer contact information,” according to KrebsOnSecurity, which broke the news.

Verizon was also one of four US cellphone carriers caught selling customers’ real-time locations to services that catered to law enforcement. One of the services made subscriber locations available to anyone who took the time to exploit an easily spotted bug in a free trial feature.

For the time being, it makes sense to avoid using Verizon’s Fios availability chat feature. This post will be updated once Verizon says the glitch has been fully fixed.

Continue Reading

Biz & IT

Amazon to roll out tools to monitor factory workers and machines

Published

on

Amazon is rolling out cheap new tools that will allow factories everywhere to monitor their workers and machines, as the tech giant looks to boost its presence in the industrial sector.

Launched by Amazon’s cloud arm AWS, the new machine-learning-based services include hardware to monitor the health of heavy machinery and computer vision capable of detecting whether workers are complying with social distancing.

Amazon said it had created a two-inch, low-cost sensor—Monitron—that can be attached to equipment to monitor abnormal vibrations or temperatures and predict future faults.

AWS Panorama, meanwhile, is a service that uses computer vision to analyze footage gathered by cameras within facilities, automatically detecting safety and compliance issues such as workers not wearing PPE or vehicles being driven in unauthorized areas.

The new services, announced on Tuesday during the company’s annual cloud computing conference, represent a step up in the tech giant’s efforts to gather and crunch real-world data in areas it currently feels are underserved.

“If you look at manufacturing and industrial generally, it’s a space that has seen some innovations, but there’s a lot of pieces that haven’t been digitized and modernized,” said Matt Garman, AWS’s head of sales and marketing, speaking to the FT.

“Locked up in machines”

“There’s a ton of data in a factory, or manufacturing facility, or a supply chain. It’s just locked up in sensors, locked up in machines that a lot of companies could get a lot of value from.”

Amazon said it had installed 1,000 Monitron sensors at its fulfillment centers near the German city of Mönchengladbach, where they are used to monitor conveyor belts handling packages.

If successful, said analyst Brent Thill from Jefferies, the move would help Amazon cement its position as the dominant player in cloud computing, in the face of growing competition from Microsoft’s Azure and Google Cloud as well as a prolonged run of slowed segment growth.

“This idea of predictive analytics can go beyond a factory floor,” Mr. Thill said. “It can go into a car, on to a bridge, or on to an oil rig. It can cross fertilize a lot of different industries.”

A number of companies are already trialling AWS Panorama. Siemens Mobility said it would use the tech to monitor traffic flow in cities, though would not specify which. Deloitte said it was working with a major North America seaport to use the tool to monitor the movement of shipments.

“Easy for us to get worried”

However, Amazon’s own use of tools to monitor the productivity of employees has raised concerns among critics. Throughout the pandemic, the company has used computer vision to ensure employee compliance with social distancing guidelines.

Swami Sivasubramanian, AWS’s head of machine learning and AI, said none of the services announced would include “pre-packaged” facial recognition capabilities, and he said AWS would block clients who abused its terms of service on data privacy and surveillance.

“When you look at this technology, sometimes it’s very easy for us to get worried about how they can be abused,” he told the FT.

“But the same technology can be used to ensure worker safety. Are people walking in spaces where they shouldn’t be? Is there an oil spill? Are they not wearing hard hats? These are real-world problems.”

© 2020 The Financial Times Ltd. All rights reserved Not to be redistributed, copied, or modified in any way.

Continue Reading

Biz & IT

Oracle vulnerability that executes malicious code is under active attack

Published

on

Attackers are targeting a recently patched Oracle WebLogic vulnerability that allows them to execute code of their choice, including malware that makes servers part of a botnet that steals passwords and other sensitive information.

WebLogic is a Java enterprise application that supports a variety of databases. WebLogic servers are a coveted prize for hackers, who often use them to mine cryptocurrency, install ransomware, or as an inroad to access other parts of a corporate network. Shodan, a service that scans the Internet for various hardware or software platforms, found about 3,000 servers running the middleware application.

CVE-2020-14882, as the vulnerability is tracked, is a critical vulnerability that Oracle patched in October. It allows attackers to execute malicious code over the Internet with little effort or skill and no authentication. Working exploit code became publicly available eight days after Oracle issued the patch.

According to Paul Kimayong, a researcher at Juniper Networks, hackers are actively using five different attack variations to exploit servers that remain vulnerable to CVE-2020-14882. Among the variations is one that installs the DarkIRC bot. Once infected, servers become part of a botnet that can install malware of its choice, mine cryptocurrency, steal passwords, and perform denial-of-service attacks. DarkIRC malware was available for purchase in underground markets for $75 in October, and it is likely still being sold now.

Other exploit variants install the following other payloads:

  • Cobalt Strike
  • Perlbot
  • Meterpreter
  • Mirai

The attacks are only the latest to target this easy-to-exploit vulnerability. A day after the exploit code was posted online, researchers from Sans and Rapid 7 said they were seeing hackers attempting to opportunistically exploit CVE-2020-14882. At the time, however, the attackers weren’t actually trying to exploit the vulnerability to install malware but instead only to test if a server was vulnerable.

CVE-2020-14882 affects WebLogic versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. Anyone using one of these versions should immediately install the patch Oracle issued in October. People should also patch CVE-2020-14750, a separate but related vulnerability that Oracle fixed in an emergency update two weeks after issuing a patch for CVE-2020-14882.

Continue Reading

Trending