Software developer at a big library, cyclist, photographer, hiker, reader. Email: chris@improbable.org

Nine on trial in Frankfurt on charges of plotting to overthrow German state | Germany | The Guardian


A group including a self-styled aristocrat, a former far-right politician and retired military officers sought the approval of the Russian state as it plotted a violent “seizure of power” in covert meetings at motorway service stations and a hunting lodge, a court in Germany has heard.

On the first day of their trial, nine defendants appeared in court in Frankfurt charged with high treason, facing allegations they plotted over a period of about 18 months to overthrow the state.

In what the group is said to have called the “Reactivation of Germany”, the self-declared Patriotic Union stands accused of planning to storm the Reichstag. It allegedly aimed to take MPs hostage and show a shackled chancellor, Olaf Scholz, on television in expectation of winning over ordinary Germans.

All the accused deny the charges.

In a 64-page indictment, read by prosecutor Tobias Engelstätter, the court heard on Tuesday how the group known as “the council”, the political wing of the Patriotic Union, was believed to have formed a terrorist organisation around the alleged ringleader, Heinrich XIII Prince Reuss. Had the alleged coup succeeded, the plotters had allegedly planned for Reuss to become Germany’s new chancellor.

Engelstätter alleged that the group had gradually fleshed out its plans and attempted to recruit new members, making investigatory visits to the Bundestag, the German parliament, using the pass of one of the defendants, Birgit Malsack-Winkemann, a former politician for the far-right Alternative für Deutschland.

The prosecutor also claimed the group, which he said had met in various locations across Germany including Reuss’s hunting lodge and motorway service stations, had feverishly pursued conspiracy theories around the QAnon movement.

The group had allegedly also sought the support of the Russian state via Reuss’ girlfriend, Vitalia Bondarenko, who is accused of approaching officials at consulates in Germany and Slovakia.

The court heard how the group was accused of gathering a considerable cache of guns, weapons, ammunition and other military equipment, from night vision goggles to a range of knives.

“They knew their seizure of power would involve the killing of people,” the prosecutor said.

Engelstätter alleged that, ahead of what the group collectively referred to as “Day X”, Peter Wörner, a former army officer, had posted a video on YouTube in which he appealed to the German public to “not fall victim to fear and lethargy” and to support the coup, in order to rid Germany of the “criminal clique” in reference to the government.

The defendants – seven men and two women – were led into the purpose-built court flanked by armed police officers for what has been described as the most important of three trials of suspected members of the anti-constitutional Reichsbürger scene.

They spoke only to confirm their names, addresses and marital status. Asked by Judge Bonk if his name was Heinrich XIII and if he had been born in Thuringia, Reuss answered: “That is correct,” in a quiet, raspy voice. Dressed in a dark jacket and trousers, navy pullover and open-necked shirt, the 72-year-old estate agent greeted fellow defendants before taking his place in court.

Variously dressed in hunting jackets, suits, hoodies and Burberry scarves, many of the accused waved and smiled at each other and chatted with their lawyers after being led to their seats. One of the women covered her face with a grey folder.

The defendants were arrested in December 2022, when heavily armed forces stormed houses, flats, offices and a remote hunting lodge. Investigators had been surveilling the group for months.

The trial was slow to get under way on Tuesday after several lawyers lodged complaints to the judge, in which they expressed their objections to the proceedings taking place at all.

Bonk rejected a request for the trial to be filmed, after lawyers for the defendants argued it was of “huge historical importance”.

It is unclear which of the defendants will actively participate in the trial, but the legal team for Reuss said he would not answer questions “due to a lack of trust in the entire process”.

Outside the court, Roman von Alvensleben, a lawyer for Reuss, told journalists he found his client’s views “crude and jarring” but denied that he had been the plot’s ringleader. He objected to the fact that, because there were three trials in separate locations, “it is almost impossible to follow the cases properly and to cross-reference them”.

Across the three trials, a total of 26 defendants are in the dock for their alleged involvement in the plot. A 27th, a 72-year-old who had been due to go on trial in Frankfurt, recently died.

A court in Stuttgart is trying the alleged military wing of Patriotic Union, while Frankfurt’s trial focuses on the alleged ringleaders. A trial in Munich, due to start in June, will focus on the so-called “esoteric wing” of the organisation.

Of the hundreds of witnesses who have been called to give evidence, several are expected to appear before all three courts.

The Frankfurt trial is taking place in a purpose-built metal warehouse on the outskirts of Germany’s financial capital, with the public and press galleries separated from the main courtroom by a broad window of bulletproof glass.

The group on trial is part of a growing movement known as Reichsbürger, or citizens of the Reich, now estimated by German authorities to number about 23,000, who refuse to acknowledge the legitimacy of the modern state and would like German borders to be redrawn to pre-1918 lines.

All three trials are scheduled, in theory, to last for months but are expected in practice to go on for a year or more.

The case continues.


We get more useful energy out of renewables than fossil fuels | Ars Technica


It doesn't take a lot of energy to dig up coal or pump oil from the ground. In contrast, most renewable sources of energy involve obtaining and refining resources, sophisticated manufacturing, and installation. So, at first glance, when it comes to the energy used to get more energy—the energy return on investment—fossil fuels seem like a clear winner. That has led some to argue that transitioning to renewables will create an overall drop in net energy production, which nobody is interested in seeing.

A new study by researchers at the UK's University of Leeds, however, suggests that this isn't a concern at all—in most countries, renewables already produce more net energy than the fossil fuels they're displacing. The key to understanding why is that it's much easier to do useful things with electricity than it is with a hunk of coal or a glob of crude oil.

Energy efficiency and utility

The basic idea behind the new work is that while it's energetically cheap to extract fossil fuels, the stuff that comes out of the ground isn't ready to be put to use. There are energetic costs to making it into a useful form and transporting it to where it's needed, and then there is lost energy when it's being put to use. That's especially notable for uses like internal combustion engines, where significantly less than half of the energy available in gasoline actually gets converted into motion.

So, the researchers propose an alternate form of the energy return on investment (EROI)—something they call useful-stage EROI. This measures how much energy is needed to put a unit of energy to work in a way that society values—heating a home, moving a car, lighting a room, and so on. This is also a more complicated measure because it depends on how the energy is put to use, which will vary from country to country. So, even though natural gas has the same EROI at extraction, it'll have different useful-stage EROIs in a country that primarily uses gas for heating versus one that's using it for electricity generation since those two activities have different efficiencies.

To analyze useful-stage EROIs, the researchers built on a previous publication that calculated what it termed final-stage EROIs, which tracked the energy used to get a unit of energy to where it's ready for use—so, all the energetic costs of extraction, processing, and delivery. This information let them track this statistic for the 50-year period from 1970–2020. Then, they built their own country-level energy use database. Since typical efficiencies of various uses are available, that lets them track the useful-stage EROI in each country they have data for.

The one thing this doesn't include is the energy cost of the infrastructure needed to extract fossil fuels, which, in the case of things like off-shore drilling, can be significant. So, the researchers suggest that they're probably overestimating the useful-stage EROIs for fossil fuels.

Inefficiencies

Focusing on utility makes a substantial difference. Using the 2020 data, the final, delivered-to-end-user EROI of fossil fuels is quite good, at approximately 8.5, meaning you get about 8.5 units of energy out for every one you invest. (This is averaged across all fuels and uses.) Once you try to do something useful with it, however, it drops dramatically so that the useful-stage EROI is only about 3.5. Which, to be clear, is bad—you want to be getting as much useful energy as possible for every unit of energy you put into things.

Different fuels have very different profiles, however. Natural gas has the highest useful-stage EROI at 9.5, coal is at 7.2, and oil products are only 2, meaning we only get about twice as much energy out of gasoline as we put into producing and using it. Most of these values have been largely unchanged for the past 50 years except for natural gas, which has seen a dramatic drop in the EROI of getting it ready to use (possibly due to the energy costs of fracking—the trend is most notable in the 1980s), and a smaller drop in useful-stage EROI.

A large contributor to these values is how these fuels are put to use. For example, the useful-stage EROI for natural gas in heating buildings is about 12, meaning it can be used reasonably efficiently. The value for heating with oil products is only about 5. Oil products used in road and rail propulsion are also terrible, being just above 2 for rail travel and under 2 for roads.

Renewable energy, in this analysis, is focused on things like wind and solar, which deliver electrons to the grid (things like renewable production of methane are pretty minor at this point). Those can be used for things like heating, rail and road transit, and other uses performed by fossil fuels. Many of these uses are extremely efficient—things like heat pumps and electric motors are much better at turning energy into utility than their fossil fuel equivalents.



To make a comparison, the researchers calculate the final stage EROI—the energetic cost of getting energy in the hands of people in a form that's ready for use—that can perform the equivalent of things we currently use fossil fuels for.

On average, renewables would need a final EROI of less than 5 to be competitive with fossil fuels. The absolute worst value is for natural gas products, where renewables would need a final EROI of a bit over 10 to be competitive in energy terms. In contrast, they'd only need a final EROI of 3 to compete with oil products.

The researchers gathered a lot of final EROIs from the literature, and they're quite striking. The absolute worst for wind power is over 10, and the highest values are in the area of 25. So, wind power is already ahead of fossil fuels when it comes to giving us more useful energy back than is needed to produce, install, and maintain wind turbines. Estimates for solar are, on average, a bit lower. They range from a low of about 7 to a high of about 20, which puts them well ahead of oil products and generally competitive with natural gas.

The researchers also performed a country-level analysis, showing that there are only two countries where the absolute lowest estimate of the solar final-EROI seen in the literature is above the cutoff where it would provide a better useful-stage EROI than the average fossil fuel. (Republic of Congo, Uzbekistan, and North Korea were excluded from this analysis.) All the estimates for wind energy were, again, well above this average. "Renewable energy can be expected to return more net useful energy than fossil fuels in almost all countries," the researchers conclude.

Based on this data, a transition to renewables isn't going to cause a major energy crunch. And, over the long term, improvements in manufacturing and efficiencies might improve the situation even further. But most pathways for handling climate change involve building an excess of generating sources, and pairing them with storage that can allow renewables to supply power even when they're not actively producing. This will also necessarily result in curtailment of renewable production under some conditions, lowering the EROI of these renewable sources.

To examine that curtailment, the researchers examine the decarbonization scenarios planned by various countries, such as France, the UK, and the US. Even when intermittency, curtailment, and storage are considered, wind comes out well ahead of fossil alternatives. In contrast, some estimates of solar power are below the final EROIs needed to compete with coal and natural gas. Still, the gaps are not dramatic, and there are plenty of estimates for solar that do outperform these fossil fuels.

No energy crunch

The researchers acknowledge that things can potentially change with the adoption of new technology. Right now, most electrical heating is done by sending electrons through a resistive coil, which is relatively inefficient compared to burning fossil fuels. In contrast, heat pumps convert electrons to temperature difference more efficiently than burning things, which would allow renewable energy to become more competitive for this use case.

Still, even in the current market, the analysis strongly suggests that, in energy terms, renewable sources are already producing more energy per unit of energy used to produce them than fossil fuels.

It's important to note that this analysis only takes into account the energetic costs of different forms of energy. It does not account for factors like the financial costs or the health costs of continued fossil fuel use. So, while coal is competitive by this measure of energy efficiency, it's doing terribly economically, and it faces increasing regulation due to the heavy pollution burden it creates.

The study isn't designed to consider all these factors and tell us which energy source is the best; it's telling us whether moving away from fossil fuels for other reasons will create an energy crunch. The numbers here clearly indicate that this won't be the case.

Nature Energy, 2024. DOI: 10.1038/s41560-024-01518-6


This wholesome banger from a group of Irish kids is the spark you need : NPR


Music fans, have we got a new, totally infectious bop for you: "The Spark," a song created by a group of kids in Cork, Ireland. "I searched for my spark and I found it," they exuberantly sing over a vibrant techno beat. They let their rhymes fly, too: "Making bangers at a young age," one girl raps, "My pen setting fire to the page."

As one listener enthused on X: "They had no business putting out something this deadly."

"The Spark" was created by Rhyme Island, a youth rap initiative in Cork. The kids worked with a local producer named GMCBeats and The Kabin Studio, a music and creativity-focused nonprofit in the Knocknaheeny suburb of Cork.

They made the song in advance of Cruinniú na nÓg, an annual "national free day of creativity for young people" in Ireland. It features over 1,000 free events for kids and teenagers across Ireland, sponsored by the Irish government and supported by the Irish public broadcaster RTE. This year's Cruinniú na nÓg activities take place on Saturday, June 15.

Rhyme Island's video for "The Spark" was released by Creative Ireland, the Irish government initiative behind Cruinniú na nÓg. The video is just as cheery and wholesome as the song: The band of kids bounce down the aisle of a school bus and zip along a Cork sidewalk, decked out in colorful bucket hats and shades.

While "The Spark" does not yet seem to be available on digital platforms, Rhyme Island has a playlist of their other work on SoundCloud.


Revenue from so-called millionaires tax tops state projections


The Department of Revenue won’t certify the official amount raised until later this year. But the estimates immediately buoyed supporters’ claims that the surtax would deliver much-needed revenue for the state despite fears it could drive out some of the state’s wealthiest residents.

“Opponents of the Fair Share Amendment claimed that multi-millionaires would flee Massachusetts rather than pay the new tax, and they are being proven wrong every day,” said Andrew Farnitano, a spokesperson for Raise Up Massachusetts, the union-backed group which pushed the 2022 ballot initiative.

“With this money from the ultra-rich, we can do even more to improve our public schools and colleges, invest in roads, bridges, and public transit, and start building an economy that works for everyone,” Farnitano said.

Voters approved the measure in 2022 to levy an additional 4 percent tax on annual earnings over $1 million. At the time, the Massachusetts Budget and Policy Center, a left-leaning think tank, projected it could generate at least $2 billion a year.

State officials last year put their estimates slightly lower at up to $1.7 billion, and lawmakers embraced calls from economists to cap what it initially spends from the surtax, given it may be too volatile to rely upon in its first year.

So far, it’s vastly exceeded those expectations, generating nearly $1.4 billion alone last quarter, which coincided with a better-than-expected April for tax collections overall.

State officials said that they raked in $1 billion more in tax revenue overall than they had projected in April. That marked a stark reversal from earlier in the fiscal year, when collections lagged expectations for months, prompting state officials to slash spending, downgrade their revenue forecast, and, last month, freeze some state hiring.

Matt Gorzkowicz, Healey’s budget chief, said at the time that officials believe most of the unexpected revenue was generated by the “millionaires tax” and collections from capital gains, all money that state officials largely can’t use to balance the budget.

Revenue from the surtax is constitutionally mandated to go toward education and transportation initiatives, while excess revenue from capital gains must flow to the state’s emergency savings account. Nevertheless, Gorzkowicz said then that state officials believe they’re on track to close the fiscal year at the end of June in line with projections.

Massachusetts has struggled with residents leaving the state in recent years.

In 2021 — before the “millionaires tax” took effect — Massachusetts said goodbye to taxpayers with a collective $4.3 billion in adjusted gross income, an increase of 40 percent from the prior year, according to an analysis by the Pioneer Institute. Nearly 25,200 more tax filers moved out of Massachusetts than moved in, the data show.

A recent analysis by Boston Indicators, the research arm of the Boston Foundation, found that the people moving out of Massachusetts across 2021 and 2022 were predominantly middle- and high-income earners, and college-educated.

Particularly dire: Working-age adults are leaving in droves. On net, Massachusetts lost an average of 22,631 people ages 25 to 44 across 2021 and 2022 — the largest number of any age group and a marked increase over previous years, according to the report.

Exactly why — and how much the tax environment may have contributed — wasn’t completely clear, as the state has also struggled with a housing crisis that has pushed families and others to seek more affordable locales.

The same analysis found that the state’s population rebounded last year, with a gain of nearly 11,500 residents from July 1, 2022, to July 1, 2023, as immigration numbers rebounded from pandemic-era lows.

“Whatever short term financial benefit the state will receive from the income surtax will be outweighed by the long-term negative effect this tax is having on the state,” said Paul Craney, a spokesperson for the conservative-leaning Massachusetts Fiscal Alliance.

Phineas Baxandall, the Mass. Budget and Policy Center’s interim president, said Monday that the take from the tax shouldn’t be shocking. A state analysis five years ago predicted that the “millionaires tax” could generate nearly $2 billion, he said, and “income has further concentrated at the top since then.”

“This isn’t surprising,” he said.

State Senator Michael Rodrigues, the state’s budget chief, said on the Senate floor Monday that excess revenue from the tax could ultimately come close to $1 billion for this fiscal year. Under language lawmakers passed last year, 85 percent of any “excess” revenue is transferred to an account reserved for one-time projects or spending, such as road maintenance, school building projects, or major public transportation work.

“We will not have any problems identifying those,” Rodrigues said. “As we all know, [transportation and education] are two areas of immense need.”

Material from the State House News Service was used in this report.

Matt Stout can be reached at matt.stout@globe.com. Follow him @mattpstout.

1 public comment
acdha
7 hours ago
Wait, you mean taxing rich people works? 🤯
Washington, DC

University Suspends Students for AI Homework Tool It Gave Them $10,000 Prize to Make


This article was produced in collaboration with Court Watch, an independent outlet that unearths overlooked court records.

The student cofounders of an AI studying tool won a $10,000 entrepreneurship prize from Emory University for their idea, were championed publicly and repeatedly by the university’s business school for creating the software, and then were promptly suspended by the school for a semester for building exactly what the school had just given them money to build.

The students were suspended by the school’s Honor Council because their AI tool “could be used for cheating” and because they connected it to a software platform used by the university to host course reading material, homework, and other assignments without obtaining express permission, though this feature was mentioned at the competition it won $10,000 at. But the school’s Honor Council did not actually find evidence that it was ever used to cheat, and a review of the Honor Council’s writeup shows an incredible misunderstanding of how the specific tool, called Eightball, was designed and a misunderstanding of how large language models are trained and what they can do.  

“While nothing about Eightball changed, Emory’s view of Eightball changed dramatically,” a lawsuit filed by Benjamin Craver, one of the suspended students, against the university reads. “Emory concedes that there is no evidence that anyone has ever used Eightball to cheat. And to this day Emory advertises Eightball as an example of student innovation and entrepreneurship.”

A screenshot from an Eightball demo

This whole embarrassing saga, revealed in the lawsuit, is another piece of evidence that demonstrates universities and schools more broadly have absolutely no idea how to deal with AI in an academic context and have a misunderstanding of the technology. We have seen mixed messaging from schools about whether or not students should use ChatGPT in any context, have seen students who have been falsely accused of using AI to write essays, and have seen disturbing cases where students use AI to make nonconsensual porn of each other. In each of these instances, it is becoming clear that schools do not know what the rules about AI should be and that they are often being made up on the fly. 

There is a lot of detail in this article about what was ultimately an Honor Council proceeding at a private university, but the Kafkaesque proceedings in this case are instructive because they demonstrate how wholly unprepared schools and universities are to deal with even straightforward issues involving AI.

Last spring, the students presented Eightball at the university’s “Entrepreneurship Summit” and were given a $10,000 grand prize to build and launch their software, which allowed students to upload PDFs of course readings, syllabuses, and other material and turn those into practice tests and flash cards. They also explained that they were eventually going to allow users to connect to Canvas, which is a software platform used by the university where professors upload course readings, documentation, assignments, etc, the lawsuit alleges. “By connecting Eightball to Canvas, students would be able to import their course materials to Eightball all at once rather than uploading the same documents individually.”

“Eightball is a platform kind of like ChatGPT but trained directly on your Canvas courses. The way Eightball works is it connects to your Canvas and goes through each of your courses. And for each course it studies the modules, the lectures, the slides, the readings, everything. From there, it becomes a ChatGPT-like experience, but the AI is customized for your course,” one of the creators explains in a demo video. The student then shows that Eightball surfaces directly relevant passages and serves as, more or less, a search-engine for class material.

“Dorm Room Entrepreneur,” reads the headline of an article on Emory University’s website that was live until I asked the university for comment for this story. “Student co-founds AI-Powered Study Tool Eightball.” The article explains how three students created Eightball, and notes that some professors began recommending that their students use it to help them study for tests. The school promoted this article, and the students’ business and AI tool, in LinkedIn posts: “Emory students are using AI to improve the studying experience!,” one post by the business school reads. The student lawsuit also includes numerous emails sent to the cofounders by professors and faculty at Emory, who said things like “I was very pleased to hear about your startup, Eightball. I congratulate you for your entrepreneurial attitude and for the very interesting idea that you and your business partners had,” and “it looks great.” Andrea Hershatter, the associate dean of Emory’s business school, sent an email introducing the students to a potential outside investor and said “I hope you are having a wonderful summer and finding time and resources to continue your work on EightBall.”

An email the students sent to the team that gave them the $10,000 prize explained their plans to connect to Canvas: “To reiterate, Eightball essentially just shows you students’ materials from their Canvas courses - sort of like an advanced search inside Canvas, and is not capable of solving complete homework problems or writing essays or anything of [the] sort,” the email says. 

It is not clear, exactly, what changed at Emory that made the university take action against a startup that it went out of its way to promote, but both the lawsuit and the Honor Council writeup assert that the university’s IT department was angry that the company allowed students to connect their own Canvas API tokens to the app. In the lawsuit, the students’ lawyers write that the university changed the settings within Canvas and “hid the button that generates Canvas [API] tokens, but it did not inform [the students] that the change was in response to Eightball’s newly available method for uploading course materials.” Soon after this, “Emory informed [one of the students] that he may have violated Emory’s Undergraduate Code of Conduct by Connecting Eightball to Canvas.” The students shut Eightball down at this point.

After all of this promotion, the university’s Honor Council launched an investigation into the students and Eightball. This investigation, which can be read here, found that Eightball had not been used for cheating, and that the students had not lied about the capabilities of the software. It also did not dispute that the school both funded and championed the software. The council recommended that the students be suspended for a year, anyway. Jason Ciejka, the director of the school’s honor council, wrote “this case is unprecedented in terms of its scale and potential to harm the Emory community.” 

School officials suggested that students choosing to use their own API tokens in the way that they are intended to be used by Canvas the company was a massive security risk. 

The school “figured out that the Eightball program accesses the Canvas data through the Canvas user generated token, which is essentially users’ Emory credentials that give full access to everything users can access on Canvas. This user generated token is considered a highly restricted user credential tool and sharing it to any outside party is a violation of Canvas terms and IT policies.” API tokens are sensitive, but API tokens exist exclusively for users to connect accounts to outside services—what the Honor Council is describing is essentially the only use for an API token, and is a feature of Canvas which the Honor Council wrote “is not something that they can turn off.” Canvas’s own documentation explains to students how they can use API tokens to connect their accounts to other apps: “Access tokens provide access to canvas resources through the Canvas API. Access tokens can be generated automatically for third-party applications or created manually.”

IT attempted to hide this feature, but students found a workaround and “were continuing to circumvent it to generate tokens.” Because of this, they were also accused of “rewriting code to circumvent an IT security measure” (the “workaround” involved right clicking on the Canvas website, clicking “Inspect,” and copy-pasting a code snippet to generate the tokens.)

One of the witnesses the Honor Council called said that “this application was being marketed through various Reddit posts as a ChatGPT for Canvas,” and then said “From the security perspective, people cannot give full access of their data to someone else. The fact that it was OpenAI which got the access made the case even worse because OpenAI is trained on data. Once people feed it with these personal data, it could answer others’ questions based on searching through all these materials, potentially leading to copyright problems etc.” But the students explained that their program “did not use ChatGPT at all.” 

The students were also accused of “disseminating course material” by allowing students to use their own, individualized Canvas API tokens to connect Eightball directly so they did not have to upload PDFs to the tool themselves. “The upgrade did not change what students could upload to Eightball or what learning materials Eightball could produce upon request,” the suspended students’ lawyers note in the lawsuit.

Despite all of this talk about Canvas, the Honor Council’s report and writeups of what happened to the students make clear that the university was very concerned about “the cheating potential with this program,” and the students were accused of “cheating,” “plagiarizing,” and “intentionally helping or attempting to help another person to violate any provision of this Honor Code.”

According to Eightball’s marketing, the lawsuit, and Emory University’s own writeups, Eightball was not actually a cheating tool. As far as AI tools go, it seems innocuous, and the university did not provide any examples of the tool ever being used for cheating. “Unless answers are directly in the course materials, Eightball cannot make up anything for non-existing answers.”

The Honor Council wrote “the fact that Emory gave them the grant implies that Emory was supporting them. While the Honor Council can understand this position taken by the student, we fundamentally disagree that this places the onus on the university to ensure the ethical development of this tool. All students should carry the Honor Code and the value of academic integrity as their leading principle. Moreover, this application has already reached other educational institutions and has the potential to create widespread cheating across colleges and universities that were unaware of this flaw in Canvas.”

Emory University declined to comment on this story. Craver's attorneys declined to comment for this piece.



mareino
4 hours ago
Someone in transfer student admissions needs to offer these kids a scholarship ASAP.
Washington, District of Columbia

Why Your Wi-Fi Router Doubles as an Apple AirTag


Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

At issue is the way that Apple collects and publicly shares information about the precise location of all Wi-Fi access points seen by its devices. Apple collects this location data to give Apple devices a crowdsourced, low-power alternative to constantly requesting global positioning system (GPS) coordinates.

Both Apple and Google operate their own Wi-Fi-based Positioning Systems (WPS) that obtain certain hardware identifiers from all wireless access points that come within range of their mobile devices. Both record the Media Access Control (MAC) address that a Wi-Fi access point uses, known as a Basic Service Set Identifier or BSSID.

Periodically, Apple and Google mobile devices will forward their locations — by querying GPS and/or by using cellular towers as landmarks — along with any nearby BSSIDs. This combination of data allows Apple and Google devices to figure out where they are within a few feet or meters, and it’s what allows your mobile phone to continue displaying your planned route even when the device can’t get a fix on GPS.

With Google’s WPS, a wireless device submits a list of nearby Wi-Fi access point BSSIDs and their signal strengths — via an application programming interface (API) request to Google — whose WPS responds with the device’s computed position. Google’s WPS requires at least two BSSIDs to calculate a device’s approximate position.

Apple’s WPS also accepts a list of nearby BSSIDs, but instead of computing the device’s location based off the set of observed access points and their received signal strengths and then reporting that result to the user, Apple’s API will return the geolocations of up to 400 more BSSIDs that are near the one requested. The device then uses approximately eight of those BSSIDs to work out the user’s location based on known landmarks.

In essence, Google’s WPS computes the user’s location and shares it with the device. Apple’s WPS gives its devices a large enough amount of data about the location of known access points in the area that the devices can do that estimation on their own.

That’s according to two researchers at the University of Maryland, who said they theorized they could use the verbosity of Apple’s API to map the movement of individual devices into and out of virtually any defined area of the world. The UMD pair said they spent a month early in their research continuously querying the API, asking it for the location of more than a billion BSSIDs generated at random.

They learned that while only about three million of those randomly generated BSSIDs were known to Apple’s Wi-Fi geolocation API, Apple also returned an additional 488 million BSSID locations already stored in its WPS from other lookups.

UMD Associate Professor David Levin and Ph.D student Erik Rye found they could mostly avoid requesting unallocated BSSIDs by consulting the list of BSSID ranges assigned to specific device manufacturers. That list is maintained by the Institute of Electrical and Electronics Engineers (IEEE), which is also sponsoring the privacy and security conference where Rye is slated to present the UMD research later today.

Plotting the locations returned by Apple’s WPS between November 2022 and November 2023, Levin and Rye saw they had a near global view of the locations tied to more than two billion Wi-Fi access points. The map showed geolocated access points in nearly every corner of the globe, apart from almost the entirety of China, vast stretches of desert wilderness in central Australia and Africa, and deep in the rainforests of South America.

A “heatmap” of BSSIDs the UMD team said they discovered by guessing randomly at BSSIDs.

The researchers said that by zeroing in on or “geofencing” other smaller regions indexed by Apple’s location API, they could monitor how Wi-Fi access points moved over time. Why might that be a big deal? They found that by geofencing active conflict zones in Ukraine, they were able to determine the location and movement of Starlink devices used by both Ukrainian and Russian forces.

The reason they were able to do that is that each Starlink terminal — the dish and associated hardware that allows a Starlink customer to receive Internet service from a constellation of orbiting Starlink satellites — includes its own Wi-Fi access point, whose location is going to be automatically indexed by any nearby Apple devices that have location services enabled.

A heatmap of Starlink routers in Ukraine. Image: UMD.

The University of Maryland team geo-fenced various conflict zones in Ukraine, and identified at least 3,722 Starlink terminals geolocated in Ukraine.

“We find what appear to be personal devices being brought by military personnel into war zones, exposing pre-deployment sites and military positions,” the researchers wrote. “Our results also show individuals who have left Ukraine to a wide range of countries, validating public reports of where Ukrainian refugees have resettled.”

In an interview with KrebsOnSecurity, the UMD team said they found that in addition to exposing Russian troop pre-deployment sites, the location data made it easy to see where devices in contested regions originated from.

“This includes residential addresses throughout the world,” Levin said. “We even believe we can identify people who have joined the Ukraine Foreign Legion.”

A simplified map of where BSSIDs that enter the Donbas and Crimea regions of Ukraine originate. Image: UMD.

Levin and Rye said they shared their findings with Starlink in March 2024, which said it began shipping software updates in 2023 that force Starlink access points to randomize their BSSIDs.

Starlink’s parent SpaceX did not respond to requests for comment. But the researchers shared a graphic they said was created from their Starlink BSSID monitoring data, which shows that just in the past month there was a substantial drop in the number of Starlink devices that were geo-locatable using Apple’s API.

UMD researchers shared this graphic, which shows their ability to monitor the location and movement of Starlink devices by BSSID dropped precipitously in the past month.

They also shared a written statement they received from Starlink, which acknowledged that Starlink User Terminal routers originally used a static BSSID/MAC:

“In early 2023 a software update was released that randomized the main router BSSID,” the statement reads. “Subsequent software releases have included randomization of the BSSID of WiFi repeaters associated with the main router. Software updates that include the repeater randomization functionality are currently being deployed fleet-wide on a region-by-region basis. We believe the data outlined in your paper is based on Starlink main routers and or repeaters that were queried prior to receiving these randomization updates.”

The researchers also focused their geofencing on the Israel-Hamas war in Gaza, and were able to track the migration and disappearance of devices throughout the Gaza Strip as Israeli forces cut power to the country and bombing campaigns knocked out key infrastructure.

“As time progressed, the number of Gazan BSSIDs that are geolocatable continued to decline,” they wrote. “By the end of the month, only 28% of the original BSSIDs were still found in the Apple WPS.”

Apple did not respond to requests for comment. But in late March 2024, Apple quietly tweaked its privacy policy, allowing people to opt out of having the location of their wireless access points collected and shared by Apple — by appending “_nomap” to the end of the Wi-Fi access point’s name (SSID).

Apple updated its privacy and location services policy in March 2024 to allow people to opt out of having their Wi-Fi access point indexed by its service, by appending “_nomap” to the network’s name.

Rye said Apple’s response addressed the most depressing aspect of their research: That there was previously no way for anyone to opt out of this data collection.

“You may not have Apple products, but if you have an access point and someone near you owns an Apple device, your BSSID will be in [Apple’s] database,” he said. “What’s important to note here is that every access point is being tracked, without opting in, whether they run an Apple device or not. Only after we disclosed this to Apple have they added the ability for people to opt out.”

The researchers said they hope Apple will consider additional safeguards, such as proactive ways to limit abuses of its location API.

“It’s a good first step,” Levin said of Apple’s privacy update in March. “But this data represents a really serious privacy vulnerability. I would hope Apple would put further restrictions on the use of its API, like rate-limiting these queries to keep people from accumulating massive amounts of data like we did.”

The UMD researchers said they omitted certain details from their research to protect the users they were able to track, noting that the methods they used could present risks for those fleeing abusive relationships or stalkers.

“We observe routers move between cities and countries, potentially representing their owner’s relocation or a business transaction between an old and new owner,” they wrote. “While there is not necessarily a 1-to-1 relationship between Wi-Fi routers and users, home routers typically only have several. If these users are vulnerable populations, such as those fleeing intimate partner violence or a stalker, their router simply being online can disclose their new location.”

The researchers said Wi-Fi access points that can be created using a mobile device’s built-in cellular modem do not create a location privacy risk for their users because mobile phone hotspots will choose a random BSSID when activated.

“Modern Android and iOS devices will choose a random BSSID when you go into hotspot mode,” he said. “Hotspots are already implementing the strongest recommendations for privacy protections. It’s other types of devices that don’t do that.”

For example, they discovered that certain commonly used travel routers compound the potential privacy risks.

“Because travel routers are frequently used on campers or boats, we see a significant number of them move between campgrounds, RV parks, and marinas,” the UMD duo wrote. “They are used by vacationers who move between residential dwellings and hotels. We have evidence of their use by military members as they deploy from their homes and bases to war zones.”
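The two mitigations described above, the “_nomap” SSID suffix and BSSID randomization, can be checked against an inventory of your own access points. The following is an added example, not code from the article or the UMD paper: the function names and the sample inventory are constructed, and treating a BSSID without the locally administered bit as a static, vendor-assigned identifier is a heuristic assumption.

```python
import re

SSID_MAX_BYTES = 32        # 802.11 caps an SSID at 32 octets
OPT_OUT_SUFFIX = "_nomap"  # opt-out suffix named in the article

def is_locally_administered(bssid):
    """True if the locally administered bit (0x02 in the first octet) is set."""
    octets = re.split(r"[:-]", bssid.strip())
    if len(octets) != 6 or not all(re.fullmatch(r"[0-9A-Fa-f]{2}", o) for o in octets):
        raise ValueError(f"not a MAC address: {bssid!r}")
    return bool(int(octets[0], 16) & 0x02)

def opt_out_ssid(ssid):
    """Append the suffix, trimming the name so the result still fits 32 bytes."""
    if ssid.endswith(OPT_OUT_SUFFIX):
        return ssid
    room = SSID_MAX_BYTES - len(OPT_OUT_SUFFIX)
    # Cut on a byte budget, then drop any multi-byte character split by the cut.
    base = ssid.encode("utf-8")[:room].decode("utf-8", errors="ignore")
    return base + OPT_OUT_SUFFIX

def audit(inventory):
    """Return (ssid, bssid, issues) for each access point in the inventory."""
    report = []
    for ssid, bssid in inventory:
        issues = []
        if not ssid.endswith(OPT_OUT_SUFFIX):
            issues.append(f"not opted out; rename to {opt_out_ssid(ssid)!r}")
        if not is_locally_administered(bssid):
            # Heuristic (assumption): a vendor-assigned address is static.
            issues.append("vendor-assigned BSSID, stable identifier")
        report.append((ssid, bssid, issues))
    return report

# Constructed inventory (not real devices).
SAMPLE = [
    ("HomeNet", "00:00:5E:00:53:01"),
    ("Cabin_nomap", "02:00:5E:00:53:02"),
    ("Harbour-View-Marina-Guest-WiFi", "00:00:5E:00:53:03"),
]

if __name__ == "__main__":
    for ssid, bssid, issues in audit(SAMPLE):
        print(ssid, bssid, issues or "ok")
```

A set locally administered bit only shows the address is not the vendor-assigned one; whether the device actually rotates it has to be confirmed from the firmware's behaviour.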

A copy of the UMD research is available here (PDF).
