Page 1,642«..1020..1,6411,6421,6431,644..1,6501,660..»

Another 5000 Bitcoin Sourced From Mt Gox Wake up After Close to 9 Years of Dormancy Bitcoin News – Bitcoin News

September 7, 2022 | Author: admin

Last week Bitcoin.com News reported on two old bitcoin addresses created in 2013 sending 10,001 bitcoin to a myriad of wallets. Heuristics and clustering techniques indicate that the bitcoins were associated with Mt Gox, roughly around the same time the exchange was hacked in June 2011. Five days later, 5,000 bitcoins were transferred from a wallet created on the same day in 2013, and the stash of coins were also connected to Mt Gox in some type of fashion.

Another 5,000 so-called sleeping bitcoins, from a wallet created on December 19, 2013, were transferred on September 4, 2022. The action, caught by Btcparser.com, took place five days after 10,001 bitcoin (BTC) moved from two bitcoin addresses created close to nine years ago on the same day in 2013. The 5,000 BTC sent on Sunday, September 4, 2022, have a mysterious history as they are associated with the now-defunct Mt Gox bitcoin exchange right around the same time the exchange was hacked in June 2011.

When our newsdesk reported on the 10,001 BTC associated with Mt Gox, there wasnt much fanfare about the coins moving. Coindesk columnist Jocelyn Yang, however, discussed the situation with a data engineer at Coin Metrics. The engineer said the bitcoins from 2013 may have been associated with an old Kraken cold storage address, a Kraken OTC (over the counter) deal, [or] a Kraken user. Then on September 3, 2022, the OXT researcher Ergobtc published a Twitter Thread that cites our report quoting OXT user Taisia, the admin of the GFISchannel Telegram group.

By referring to the work of a well-informed OXT user, bitcoin.com [is] much closer to the mark than Coindesk, Ergobtc said. Despite a Kraken deposit, these coins are not sourced from Kraken. They are however sourced from Mt Gox and possibly controlled by Jeb McCaleb.

Ergobtc further discussed the two addresses (1,& 2) and explained how OXT can backtrack the source of the coins. Doing so leads to a large cluster with a user annotation, Ergobtc details. The user annotation to this cluster links to a blog post by @wizsecurity blog. Wizsec is the Mt Gox saga expert. The blog post references an address belonging to Jeb McCaleb and wrongfully claimed by CSW.

The Twitter thread further explains that the second transaction for 5,000 BTC was clearly made to Coinbase. The OXT researcher added:

Evidenced by the telltale denomination splitting with secondary splits down to 10 BTC. Splits are co-spent with Coinbase clustered addresses. These coins are sourced from the Gox saga, and possibly controlled by Jeb McCaleb. Two txs for 5K BTC were sent to Kraken and Coinbase.

At block height 752,637, on September 4, 2022, 5,000 BTC was sent from 18xGH and the address was created on the same day (December 19, 2013) as the two addresses that sent 10,001 BTC on Sunday, August 28, and Monday, August 29, 2022. Moreover, by backtracking the transactions, the 5,000 BTC are also connected to the Mt Gox saga and the address 1McUC. At the time of writing, the address bc1qp held 4,929.43 BTC that stemmed from the 5,000 sent on Sunday. By Monday morning, 8:00 a.m. (ET), the coins were dispersed to a myriad of multi-signature bitcoin addresses. Bitcoin.com News spoke with the admin of the GFISchannel Telegram group Taisia about the latest movement.

The situation is quite strange, Taisia told Bitcoin.com News. The dev of oxt.me confirmed to us that in his opinion, the bitcoins are indeed connected with Mt Gox, and possibly belong to Jed McCaleb. The GFISchannel administrator also said she spoke with the former Mt Gox CEO Mark Karpeles who did not directly confirm this information, although he did not rule out that it was close to the truth.

If these are really McCalebs bitcoins, why wont he make a statement to stop speculation on this topic? Taisia asked during her conversation with Bitcoin.com News. And, returning to the original question, why are all these movements going on right now? In the midst of the FUD with trustee payments and Vinnicks recent extradition to the United States.

Once again a blockchain parser, onchain analysis, and heuristics discovered thousands of bitcoins with an interesting past. These ancient bitcoins that sat idle for close to nine years only to wake up when BTC is trading for $19.9K. It should be noted that these coins have absolutely nothing to do with the bitcoin payments associated with the Mt Gox trustee, except for mere coincidental timing with the trustees latest update. Presently, Mt Gox creditors have not seen a hard date set for payment distribution, despite rumors and inaccurate reports last week saying this was the case.

What do you think about the whale that moved 15,001 bitcoin this week and the association with Mt Gox? Let us know what you think about this subject in the comments section below.

Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,700 articles for Bitcoin.com News about the disruptive protocols emerging today.

Image Credits: Shutterstock, Pixabay, Wiki Commons, GFISchannel, OXT

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Here is the original post:
Another 5000 Bitcoin Sourced From Mt Gox Wake up After Close to 9 Years of Dormancy Bitcoin News - Bitcoin News

Read More..
Posted in Bitcoin | Leave a Comment

Here’s How Many Times Bitcoin was Declared ‘Dead’ Since its Inception – Watcher Guru

September 7, 2022 | Author: admin

Bitcoin was launched in 2009 by Satoshi Nakamoto and was worth under $0.01 during inception. Only a handful of people invested in BTC as the crypto was deemed risky, compared to traditional investments. The ones who invested back then turned millionaires as Bitcoin skyrocketed in price every year reaching new milestones.

However, BTC is known for extreme volatility with price swings that can give investors the jitters. Hence, several mainstream media outlets have declared Bitcoin dead multiple times during price correction. This article will list the number of times the media has declared Bitcoin dead in the last 14 years.

Also Read: Australian Police roll out Bitcoin, Crypto-Crime unit

Data from 99Bitcoins show that leading mainstream media outlets have declared Bitcoin dead 461 times between 2009 to 2022. On average, outlets have declared BTC a dead coin approximately 36 times every year.

Also, now that the crypto markets are in bearish grips, Bitcoins obituary was declared 21 times in 2022 alone. The data was taken from January to September 6, 2022. Even during the bull run last year where Bitcoin reached an all-time high of $69,044, its obituary was published 47 times in 2021 alone.

Bitcoin being declared dead has occurred both during the bull run and the bear markets. Data from Twitter handle Jackis showcase that each time Bitcoins obituary is written, the crypto has briefly spiked in price.

Also Read: Investors reap 22% gains as Bitcoin tumbles: Heres how

Google searches for Will Bitcoin crash to $0 spiked in May 2022 after TerraUST and Luna plummeted to $0. Read here to know more if Bitcoin can fall to $0 in our lifetime.

At press time, Bitcoin was trading at $19,970 and is up 1% in the 24 hours day trade. The king crypto is down 71.1% from its all-time high of $69,044, which it reached in November last year.

Read the rest here:
Here's How Many Times Bitcoin was Declared 'Dead' Since its Inception - Watcher Guru

Read More..
Posted in Bitcoin | Leave a Comment

Macro Guru Lyn Alden Says Bitcoin Is the Worlds Best Ledger, Calls BTC a Marvelous Tech Revolution ?… – The Daily Hodl

September 7, 2022 | Author: admin

Macro strategist Lyn Alden says that in a global economy underpinned by an inflationary system, Bitcoin (BTC) stands as worlds best ledger.

In a new interview with Bitcoin proponent Peter McCormack, Alden says BTC is the ideal solution for the problems of the current monetary system.

One problem is that we have an inflationary system. Thats problematic enough in developed countries. In smaller and developing countries, they have much higher inflation levels on average, and usually within a lifetime they experience hyperinflation. They just lose their savings if they were holding that currency

Number two is the fact that its all mostly permissioned. You need permission from your bank to do things. In some countries, thats pretty benign. In other countries that are more authoritarian, and according to estimates from Freedom House the way they depict it about half the world lives under something thats classified as authoritarian or semi-authoritarian. So permission systems are obviously a big problem in that regard.

So the combination of not having developed savings and payments technology thats pretty open and having inflationary currencies is really bad for a lot of people around the world.

According to Alden, money is simply a ledger and Bitcoin creator Satoshi Nakamoto designed the worlds best ledger due to BTCs portability, verifiability and transparent scarcity.

I think the best way to describe money is either the most salable good, which is the more commodity-oriented view of money. I think thats accurate. Another way to describe it is that its ledgers. Usually, ledgers correspond to commodity moneys in history, but they dont have to, obviously in the current era. In that sense, the best ledger the one that you cant fudge the numbers, is not opaque the combination of the best ledger with a hard unit of account in that ledger system is a pretty marvelous revolution.

[Bitcoin] is basically faster than gold but more auditable and harder than fiat. It acts as its own decentralized transfer agent and registrar. Its a marvelous technology.

At time of writing, Bitcoin is swapping hands for $19,950, flat on the day.

I

Featured Image: Sutterstock/Kit8.net

Here is the original post:
Macro Guru Lyn Alden Says Bitcoin Is the Worlds Best Ledger, Calls BTC a Marvelous Tech Revolution ?... - The Daily Hodl

Read More..
Posted in Bitcoin | Leave a Comment

Why is the Internet of Things So Hard to Secure? – Security Boulevard

September 7, 2022 | Author: admin

Contact Sales[emailprotected]+1-216-931-0465

Access to real-time data has immense value for business intelligence. Imagine if a robotic arm on an assembly line could tell you how much energy its using, how long it takes to do its job, or when it will need maintenance.

From pacemakers to self-driving cars, devices that were previously siloed are getting connected to the internet. This offers a great deal of value to users and can even save lives in the case of medical devices. But with the added value of interconnectivity comes much greater risk.

Theoretically, the Internet of Things (IoT) infrastructure can be even more secure than that of servers and workstations, as manual processes are often the most vulnerable part of a cloud-based infrastructure.

But as a new technology facing explosive growth, IoT device security can be a moving target as new technologies, regulations, use cases, and threats emerge. And the stakes are high, as the potential fallout of a data breach in which medical devices, military equipment, personal vehicles, or major public utilities are compromised could be life-threatening.

The Internet of Things is a new world for traditional IT and cybersecurity folks. There are plenty of ways their current expertise can apply to this new IoT revolution, but theyll have to face some new challenges, as well.

Manufacturing machinery often has to produce hundreds of thousands of units per week, each one with its own certificate and identity. Certs have to be issued as fast as units come off the assembly line.

Simply maintaining the inventory of all the issued certs, let alone monitoring and updating them, is a major undertaking, especially for certificates with short lifecycles.

Forty-two percent of enterprises still use spreadsheets to track digital certs manually, and 57% dont have an accurate inventory of their SSH keys. Consequently, up to 40% of machine identities arent being tracked.

Automotive electronic control units (ECUs), which control in-vehicle safety, drive train, and infotainment systems, are manufactured in a sprawling supply chain with several points of entry that could be exploited by a threat actor.

And the products of this supply chain are deployed into unknown environments that might employ decades-old security controls. Manufacturers cant let their products security depend on the end user, as a data breach tied to the product can potentially damage the reputation of the manufacturer, even if the breach is ultimately the users fault.

IoT technology must take a Zero Trust approach to security for both human and machine identities. This approach, in which rejecting access is the default and access is only granted based on strict criteria, doesnt just bolt on security as a featureit bakes it in as a design element throughout the product lifecycle.

Additionally, the device has to integrate with a wide range of adjacent systems, some of which might not adhere to the same rigorous security standards. Regulations and industry standards are still taking shape in the IoT space, so manufacturers face the challenge of tool disparity among these systems. Protecting your products while also making them interoperable can be a tall order.

Security is hardly ever a selling point for an IoT device. What matters in the market is how well the product works, how energy efficient it is, cost, etc. IoT product sellers cant charge customers more for a product by using security as a value proposition. Consequently, manufacturers must take care that security measures dont adversely impact usability and efficiency.

Security considerations must be interwoven throughout the product development and manufacturing process so that they dont become clunky add-ons. If security is part of the workflow from the beginning, i.e., Security by Design, it will create less friction in the product release cycle and eat into profit margins less.

Security is not usually Job #1 in the design process for manufacturing equipment. Clients mainly care about how well the product works, whether it has all of the capabilities they need, and how much it costs. Giving business leaders the ability to oversee operations across the internet is a huge value driver, but everything a device connects to presents a new risk. Balancing security and interconnectivity has to be on a product designers mind to prevent the damage to a companys reputation a potential data breach could cause.

This balancing act can be difficult, especially if the design phase leans toward an Agile or DevOps model. Designers thrive on change and innovation, while security folks find stability in stasis and predictability. Designers may not want another cook in the kitchen, and security leaders may not be flexible enough to compromise.

IoT will see tons of evolution in the next few years. New use cases, technologies, and threats will spur new regulations. But if security isnt a top priority for IoT developers, then compliance will always be a struggle.

Currently, the regulatory environment around IoT security is disjointed. NIST informs regulations in the U.S., but other countries have their own sanctioning bodies and standards. Electric vehicle regulation covers PKI, but those regulations differ from one region to the next. Standards like IEC 62443 are often discussed in comparison to other security standards. Californias SB: 327 law was the first IoT-specific law in the U.S.

An enterprise releasing a product globally must manufacture that product with security that complies across several regulatory landscapes (e.g., GDPR in Europe, PIPL in China, LGPD in Brazil). These privacy regulations are being expanded to include IoT devices, and some organizations may benefit from specialized consultants who are familiar with all the standards.

For most IoT manufacturers, security is not the primary value, but buyers assume that products are secure, and a breach at the device level can diminish customer confidence in a brand and lead to high-profile reputational damage. An aquarium thermometer in a casino allowed a hacker to export 10 GB of undisclosed data out of the country. Breached security cameras gave hackers access to video feeds in Tesla factories as well as jails, police departments, and hospitals.

On a grander scale, the Stuxnet virus altered the speeds of Irans nuclear centrifuges so imperceptibly that humans could not detect the change, bringing the Iranian nuclear program to its knees.

But its not just governments and corporations that can be impacted: from vehicles getting hacked while driving down the highway to home security cameras being compromised to vulnerabilities in IoT pacemakers, cyberattacks on some IoT devices can be directly life-threatening and create fear on the part of consumers.

Because of this, unsecured devices can result in hefty fines and penalties by government regulators. In 2015, the HHS Office of Civil Rights (OCR) announced its first settlement involving a data breach through medical devices in a hospital setting. 600 records were exposed, and Lahey Hospital & Medical Center settled for $850,000. The argument could be made that the OCR is sending a message about bringing devices and systems under the HIPAA compliance umbrella.

The IoT industry is set to explode across several verticals. According to IoT Analytics, the Global IoT market grew over 22% in 2021, and it is projected to keep increasing at that same compound annual growth rate through 2027.

There are a lot of growing pains in this relatively new industry, and companies arent sure whos in charge of what when it comes to security. The best security posture will be achieved when design, operations, and security leaders recognize that they all have a stake in IoT device security. The best IoT products will be built by manufacturers that incorporate security and compliance considerations into device design from the beginning.

If you want to dive deeper into the principles of how to secure the Internet of Things, check out our whitepaper Five Guiding Tenets for IoT Security.

Access to real-time data has immense value for business intelligence. Imagine if a robotic arm on an assembly line could tell you how much energy its using, how long it takes to do its job, or when it will need maintenance.

From pacemakers to self-driving cars, devices that were previously siloed are getting connected to the internet. This offers a great deal of value to users and can even save lives in the case of medical devices. But with the added value of interconnectivity comes much greater risk.

Theoretically, the Internet of Things (IoT) infrastructure can be even more secure than that of servers and workstations, as manual processes are often the most vulnerable part of a cloud-based infrastructure.

But as a new technology facing explosive growth, IoT device security can be a moving target as new technologies, regulations, use cases, and threats emerge. And the stakes are high, as the potential fallout of a data breach in which medical devices, military equipment, personal vehicles, or major public utilities are compromised could be life-threatening.

The Internet of Things is a new world for traditional IT and cybersecurity folks. There are plenty of ways their current expertise can apply to this new IoT revolution, but theyll have to face some new challenges, as well.

Manufacturing machinery often has to produce hundreds of thousands of units per week, each one with its own certificate and identity. Certs have to be issued as fast as units come off the assembly line.

Simply maintaining the inventory of all the issued certs, let alone monitoring and updating them, is a major undertaking, especially for certificates with short lifecycles.

Forty-two percent of enterprises still use spreadsheets to track digital certs manually, and 57% dont have an accurate inventory of their SSH keys. Consequently, up to 40% of machine identities arent being tracked.

Automotive electronic control units (ECUs), which control in-vehicle safety, drive train, and infotainment systems, are manufactured in a sprawling supply chain with several points of entry that could be exploited by a threat actor.

And the products of this supply chain are deployed into unknown environments that might employ decades-old security controls. Manufacturers cant let their products security depend on the end user, as a data breach tied to the product can potentially damage the reputation of the manufacturer, even if the breach is ultimately the users fault.

IoT technology must take a Zero Trust approach to security for both human and machine identities. This approach, in which rejecting access is the default and access is only granted based on strict criteria, doesnt just bolt on security as a featureit bakes it in as a design element throughout the product lifecycle.

Additionally, the device has to integrate with a wide range of adjacent systems, some of which might not adhere to the same rigorous security standards. Regulations and industry standards are still taking shape in the IoT space, so manufacturers face the challenge of tool disparity among these systems. Protecting your products while also making them interoperable can be a tall order.

Security is hardly ever a selling point for an IoT device. What matters in the market is how well the product works, how energy efficient it is, cost, etc. IoT product sellers cant charge customers more for a product by using security as a value proposition. Consequently, manufacturers must take care that security measures dont adversely impact usability and efficiency.

Security considerations must be interwoven throughout the product development and manufacturing process so that they dont become clunky add-ons. If security is part of the workflow from the beginning, i.e., Security by Design, it will create less friction in the product release cycle and eat into profit margins less.

Security is not usually Job #1 in the design process for manufacturing equipment. Clients mainly care about how well the product works, whether it has all of the capabilities they need, and how much it costs. Giving business leaders the ability to oversee operations across the internet is a huge value driver, but everything a device connects to presents a new risk. Balancing security and interconnectivity has to be on a product designers mind to prevent the damage to a companys reputation a potential data breach could cause.

This balancing act can be difficult, especially if the design phase leans toward an Agile or DevOps model. Designers thrive on change and innovation, while security folks find stability in stasis and predictability. Designers may not want another cook in the kitchen, and security leaders may not be flexible enough to compromise.

IoT will see tons of evolution in the next few years. New use cases, technologies, and threats will spur new regulations. But if security isnt a top priority for IoT developers, then compliance will always be a struggle.

Currently, the regulatory environment around IoT security is disjointed. NIST informs regulations in the U.S., but other countries have their own sanctioning bodies and standards. Electric vehicle regulation covers PKI, but those regulations differ from one region to the next. Standards like IEC 62443 are often discussed in comparison to other security standards. Californias SB: 327 law was the first IoT-specific law in the U.S.

An enterprise releasing a product globally must manufacture that product with security that complies across several regulatory landscapes (e.g., GDPR in Europe, PIPL in China, LGPD in Brazil). These privacy regulations are being expanded to include IoT devices, and some organizations may benefit from specialized consultants who are familiar with all the standards.

For most IoT manufacturers, security is not the primary value, but buyers assume that products are secure, and a breach at the device level can diminish customer confidence in a brand and lead to high-profile reputational damage. An aquarium thermometer in a casino allowed a hacker to export 10 GB of undisclosed data out of the country. Breached security cameras gave hackers access to video feeds in Tesla factories as well as jails, police departments, and hospitals.

On a grander scale, the Stuxnet virus altered the speeds of Irans nuclear centrifuges so imperceptibly that humans could not detect the change, bringing the Iranian nuclear program to its knees.

But its not just governments and corporations that can be impacted: from vehicles getting hacked while driving down the highway to home security cameras being compromised to vulnerabilities in IoT pacemakers, cyberattacks on some IoT devices can be directly life-threatening and create fear on the part of consumers.

Because of this, unsecured devices can result in hefty fines and penalties by government regulators. In 2015, the HHS Office of Civil Rights (OCR) announced its first settlement involving a data breach through medical devices in a hospital setting. 600 records were exposed, and Lahey Hospital & Medical Center settled for $850,000. The argument could be made that the OCR is sending a message about bringing devices and systems under the HIPAA compliance umbrella.

The IoT industry is set to explode across several verticals. According to IoT Analytics, the Global IoT market grew over 22% in 2021, and it is projected to keep increasing at that same compound annual growth rate through 2027.

There are a lot of growing pains in this relatively new industry, and companies arent sure whos in charge of what when it comes to security. The best security posture will be achieved when design, operations, and security leaders recognize that they all have a stake in IoT device security. The best IoT products will be built by manufacturers that incorporate security and compliance considerations into device design from the beginning.

If you want to dive deeper into the principles of how to secure the Internet of Things, check out our whitepaper Five Guiding Tenets for IoT Security.

Access to real-time data has immense value for business intelligence. Imagine if a robotic arm on an assembly line could tell you how much energy its using, how long it takes to do its job, or when it will need maintenance.

From pacemakers to self-driving cars, devices that were previously siloed are getting connected to the internet. This offers a great deal of value to users and can even save lives in the case of medical devices. But with the added value of interconnectivity comes much greater risk.

Theoretically, the Internet of Things (IoT) infrastructure can be even more secure than that of servers and workstations, as manual processes are often the most vulnerable part of a cloud-based infrastructure.

But as a new technology facing explosive growth, IoT device security can be a moving target as new technologies, regulations, use cases, and threats emerge. And the stakes are high, as the potential fallout of a data breach in which medical devices, military equipment, personal vehicles, or major public utilities are compromised could be life-threatening.

The Internet of Things is a new world for traditional IT and cybersecurity folks. There are plenty of ways their current expertise can apply to this new IoT revolution, but theyll have to face some new challenges, as well.

Manufacturing machinery often has to produce hundreds of thousands of units per week, each one with its own certificate and identity. Certs have to be issued as fast as units come off the assembly line.

Simply maintaining the inventory of all the issued certs, let alone monitoring and updating them, is a major undertaking, especially for certificates with short lifecycles.

Forty-two percent of enterprises still use spreadsheets to track digital certs manually, and 57% dont have an accurate inventory of their SSH keys. Consequently, up to 40% of machine identities arent being tracked.

Automotive electronic control units (ECUs), which control in-vehicle safety, drive train, and infotainment systems, are manufactured in a sprawling supply chain with several points of entry that could be exploited by a threat actor.

And the products of this supply chain are deployed into unknown environments that might employ decades-old security controls. Manufacturers cant let their products security depend on the end user, as a data breach tied to the product can potentially damage the reputation of the manufacturer, even if the breach is ultimately the users fault.

IoT technology must take a Zero Trust approach to security for both human and machine identities. This approach, in which rejecting access is the default and access is only granted based on strict criteria, doesnt just bolt on security as a featureit bakes it in as a design element throughout the product lifecycle.

Additionally, the device has to integrate with a wide range of adjacent systems, some of which might not adhere to the same rigorous security standards. Regulations and industry standards are still taking shape in the IoT space, so manufacturers face the challenge of tool disparity among these systems. Protecting your products while also making them interoperable can be a tall order.

Security is hardly ever a selling point for an IoT device. What matters in the market is how well the product works, how energy efficient it is, cost, etc. IoT product sellers cant charge customers more for a product by using security as a value proposition. Consequently, manufacturers must take care that security measures dont adversely impact usability and efficiency.

Security considerations must be interwoven throughout the product development and manufacturing process so that they dont become clunky add-ons. If security is part of the workflow from the beginning, i.e., Security by Design, it will create less friction in the product release cycle and eat into profit margins less.

Security is not usually Job #1 in the design process for manufacturing equipment. Clients mainly care about how well the product works, whether it has all of the capabilities they need, and how much it costs. Giving business leaders the ability to oversee operations across the internet is a huge value driver, but everything a device connects to presents a new risk. Balancing security and interconnectivity has to be on a product designers mind to prevent the damage to a companys reputation a potential data breach could cause.

This balancing act can be difficult, especially if the design phase leans toward an Agile or DevOps model. Designers thrive on change and innovation, while security folks find stability in stasis and predictability. Designers may not want another cook in the kitchen, and security leaders may not be flexible enough to compromise.

IoT will see tons of evolution in the next few years. New use cases, technologies, and threats will spur new regulations. But if security isnt a top priority for IoT developers, then compliance will always be a struggle.

Currently, the regulatory environment around IoT security is disjointed. NIST informs regulations in the U.S., but other countries have their own sanctioning bodies and standards. Electric vehicle regulation covers PKI, but those regulations differ from one region to the next. Standards like IEC 62443 are often discussed in comparison to other security standards. Californias SB: 327 law was the first IoT-specific law in the U.S.

An enterprise releasing a product globally must manufacture that product with security that complies across several regulatory landscapes (e.g., GDPR in Europe, PIPL in China, LGPD in Brazil). These privacy regulations are being expanded to include IoT devices, and some organizations may benefit from specialized consultants who are familiar with all the standards.

For most IoT manufacturers, security is not the primary value, but buyers assume that products are secure, and a breach at the device level can diminish customer confidence in a brand and lead to high-profile reputational damage. An aquarium thermometer in a casino allowed a hacker to export 10 GB of undisclosed data out of the country. Breached security cameras gave hackers access to video feeds in Tesla factories as well as jails, police departments, and hospitals.

On a grander scale, the Stuxnet virus altered the speeds of Irans nuclear centrifuges so imperceptibly that humans could not detect the change, bringing the Iranian nuclear program to its knees.

But its not just governments and corporations that can be impacted: from vehicles getting hacked while driving down the highway to home security cameras being compromised to vulnerabilities in IoT pacemakers, cyberattacks on some IoT devices can be directly life-threatening and create fear on the part of consumers.

Because of this, unsecured devices can result in hefty fines and penalties by government regulators. In 2015, the HHS Office of Civil Rights (OCR) announced its first settlement involving a data breach through medical devices in a hospital setting. 600 records were exposed, and Lahey Hospital & Medical Center settled for $850,000. The argument could be made that the OCR is sending a message about bringing devices and systems under the HIPAA compliance umbrella.

The IoT industry is set to explode across several verticals. According to IoT Analytics, the Global IoT market grew over 22% in 2021, and it is projected to keep increasing at that same compound annual growth rate through 2027.

There are a lot of growing pains in this relatively new industry, and companies arent sure whos in charge of what when it comes to security. The best security posture will be achieved when design, operations, and security leaders recognize that they all have a stake in IoT device security. The best IoT products will be built by manufacturers that incorporate security and compliance considerations into device design from the beginning.

If you want to dive deeper into the principles of how to secure the Internet of Things, check out our whitepaper Five Guiding Tenets for IoT Security.

Access to real-time data has immense value for business intelligence. Imagine if a robotic arm on an assembly line could tell you how much energy its using, how long it takes to do its job, or when it will need maintenance.

From pacemakers to self-driving cars, devices that were previously siloed are getting connected to the internet. This offers a great deal of value to users and can even save lives in the case of medical devices. But with the added value of interconnectivity comes much greater risk.

Theoretically, the Internet of Things (IoT) infrastructure can be even more secure than that of servers and workstations, as manual processes are often the most vulnerable part of a cloud-based infrastructure.

But as a new technology facing explosive growth, IoT device security can be a moving target as new technologies, regulations, use cases, and threats emerge. And the stakes are high, as the potential fallout of a data breach in which medical devices, military equipment, personal vehicles, or major public utilities are compromised could be life-threatening.

The Internet of Things is a new world for traditional IT and cybersecurity folks. There are plenty of ways their current expertise can apply to this new IoT revolution, but theyll have to face some new challenges, as well.

Manufacturing machinery often has to produce hundreds of thousands of units per week, each one with its own certificate and identity. Certs have to be issued as fast as units come off the assembly line.

Simply maintaining the inventory of all the issued certs, let alone monitoring and updating them, is a major undertaking, especially for certificates with short lifecycles.

Forty-two percent of enterprises still use spreadsheets to track digital certs manually, and 57% dont have an accurate inventory of their SSH keys. Consequently, up to 40% of machine identities arent being tracked.

Automotive electronic control units (ECUs), which control in-vehicle safety, drive train, and infotainment systems, are manufactured in a sprawling supply chain with several points of entry that could be exploited by a threat actor.

And the products of this supply chain are deployed into unknown environments that might employ decades-old security controls. Manufacturers cant let their products security depend on the end user, as a data breach tied to the product can potentially damage the reputation of the manufacturer, even if the breach is ultimately the users fault.

IoT technology must take a Zero Trust approach to security for both human and machine identities. This approach, in which rejecting access is the default and access is only granted based on strict criteria, doesnt just bolt on security as a featureit bakes it in as a design element throughout the product lifecycle.

Additionally, the device has to integrate with a wide range of adjacent systems, some of which might not adhere to the same rigorous security standards. Regulations and industry standards are still taking shape in the IoT space, so manufacturers face the challenge of tool disparity among these systems. Protecting your products while also making them interoperable can be a tall order.

Security is hardly ever a selling point for an IoT device. What matters in the market is how well the product works, how energy efficient it is, cost, etc. IoT product sellers cant charge customers more for a product by using security as a value proposition. Consequently, manufacturers must take care that security measures dont adversely impact usability and efficiency.

Security considerations must be interwoven throughout the product development and manufacturing process so that they dont become clunky add-ons. If security is part of the workflow from the beginning, i.e., Security by Design, it will create less friction in the product release cycle and eat into profit margins less.

Security is not usually Job #1 in the design process for manufacturing equipment. Clients mainly care about how well the product works, whether it has all of the capabilities they need, and how much it costs. Giving business leaders the ability to oversee operations across the internet is a huge value driver, but everything a device connects to presents a new risk. Balancing security and interconnectivity has to be on a product designers mind to prevent the damage to a companys reputation a potential data breach could cause.

This balancing act can be difficult, especially if the design phase leans toward an Agile or DevOps model. Designers thrive on change and innovation, while security folks find stability in stasis and predictability. Designers may not want another cook in the kitchen, and security leaders may not be flexible enough to compromise.

IoT will see tons of evolution in the next few years. New use cases, technologies, and threats will spur new regulations. But if security isnt a top priority for IoT developers, then compliance will always be a struggle.

Currently, the regulatory environment around IoT security is disjointed. NIST informs regulations in the U.S., but other countries have their own sanctioning bodies and standards. Electric vehicle regulation covers PKI, but those regulations differ from one region to the next. Standards like IEC 62443 are often discussed in comparison to other security standards. Californias SB: 327 law was the first IoT-specific law in the U.S.

An enterprise releasing a product globally must manufacture that product with security that complies across several regulatory landscapes (e.g., GDPR in Europe, PIPL in China, LGPD in Brazil). These privacy regulations are being expanded to include IoT devices, and some organizations may benefit from specialized consultants who are familiar with all the standards.

For most IoT manufacturers, security is not the primary value, but buyers assume that products are secure, and a breach at the device level can diminish customer confidence in a brand and lead to high-profile reputational damage. An aquarium thermometer in a casino allowed a hacker to export 10 GB of undisclosed data out of the country. Breached security cameras gave hackers access to video feeds in Tesla factories as well as jails, police departments, and hospitals.

On a grander scale, the Stuxnet virus altered the speeds of Irans nuclear centrifuges so imperceptibly that humans could not detect the change, bringing the Iranian nuclear program to its knees.

See the article here:
Why is the Internet of Things So Hard to Secure? - Security Boulevard

Read More..
Posted in Internet Security | Leave a Comment

Democratic EU Standards and the Global View on Safe Web Browsing – EURACTIV

September 7, 2022 | Author: admin

The revision of the eIDAS Regulation initiated a discussion about who sets standards for safe web browsing via Qualified Website Authentication Certificates. Dr. Kim Nguyen, Managing Director of D-Trust (a company of the Bundesdruckerei Group), explains why European digital sovereignty is the better option.

Dr. Kim Nguyen is the Managing Director of D-Trust GmbH, a company of the Bundesdruckerei Group.

With Making Europe Fit for the Digital Age, the von der Leyen Commission has set us on the road to a new, digital era for the European Union. Digital technology has a profound impact on our lives, and if the EU aims to take its values and principles seriously Europe needs this change to work for citizens and businesses alike.

Real EU-sovereignty requires a sincere well-meant protection of its citizens. In this effort, two aspects are given a key role: The ability to verify digital content, URLs, and identities as well as the ability to set sovereign European standards.

Why are standards and their certification so important? Standards are representing quality, ensuring security, and building up trust. When you currently visit a website, your browser will display a lock icon. This indicates that you have established an encrypted connection to the digital destination you have accessed. This connection is secured via digital certificates.

However, only so-called Qualified Website Authentication Certificates (QWAC) provide transparency and confirm and provide the website providers secured identity for the user. They are in a way your defence against fraudulent sites and ill-intentioned actors. They establish the level of trust in a website, which is necessary for you to browse safely and securely because they guarantee that your personal information including sensitive data like credit card information is not only protected while being transmitted but does not fall into the wrong hands.

According to a 2018 study, the websites of the twenty largest online sellers in Germany alone have been illegally replicated more than 7.000 times. This example impressively demonstrates the threats for internet users as well as the necessity for website authentication mechanisms.

The question of who is responsible for setting standards for websites and who is supervising them has become a topic of heated debates. Given the experience in other sectors, like transport, pharmaceutical or finance, it should be quite obvious that standards are set and checked by neutral external supervisory bodies.

However, today, the browsers themselves set and check the security standards and are able to arbitrarily decide whether to display QWACs or not.

The EU Commission now intends to shift this decision-making power from the hands of international Big Tech companies to the democratically elected European regulators as well as to a governance system which consists of certification and audit bodies as well as national supervisory bodies including means and processes to deal with possible critical issues. Certain web service providers argue that they are defending consumer protection and offer safer solutions under their own responsibility.

While it is true that certain digital companies excel in their sectors and that it is easier for them to create certification schemes for their own browsers, this line of argument serves to conceal an important aspect: Such an approach would leave the question of standards and accountability entirely in their hands. These companies aim to essentially usurp the role of trust service providers and take on crucial internet security responsibilities on behalf of the European Union.

In a world of big tech companies and increasingly powerful authoritarian regimes outside of Europe, the question of who to trust in setting and controlling standards for the digital world becomes ever-more important. Why would we trust the largely intransparent internal processes of global companies without any external check more than our own democratic institutions? As European citizens, we should choose to be the ones to decide on who sets up and supervises these standards.

By setting standards on a European level, we can even avoid becoming dependent on a single government. European solutions might not be perfect, but EU-governance has been very well established over the years and can be further developed. The Commissions proposal for a revision of the eIDAS Regulation is in line with the European Unions ambition to strengthen its commitment to its values such as sovereignty, accountability, and transparency.

Contrary to what recent anti-QWACs campaigning has suggested, the standard setting of liberal democratic institutions is well established, has served Europe well for decades, and cannot at all be compared to the government overreach of non-democratic states like Kazakhstan. In line with democratic principles, the European standards should be developed in cooperation with technical experts from businesses, civil society, and government.

For a website verification to be trustworthy in Europe, European standards are needed. EU standards strengthen EU-sovereignty, and from EU-sovereignty follows that the spirit of EU-laws is upheld. EU-standards entail that we as European citizens, governments, and companies develop the basic rules for the digital world together. Joint events, that bring policy makers, business and civil society together such as the European Digital Identity Roundtable, can make important contributions in this process.

Besides, it means that other companies and institutions will need to follow standards developed by and for Europeans, thus giving us a competitive advantage. It also entails that online verification will rely on European actors. Relinquishing control over website certification will not aid the EU to become more sovereign or more democratic. Therefore, the EU should make use of its right for democratically legitimized representatives and civil servants to set standards that are in the interest of European citizens.

See the rest here:
Democratic EU Standards and the Global View on Safe Web Browsing - EURACTIV

Read More..
Posted in Internet Security | Leave a Comment

ISPA Starts Hunt for UK Internet Hero and Villain in 2022 Awards – ISPreview.co.uk

September 7, 2022 | Author: admin

The UK Internet Service Providers Association (ISPA) has today begun inviting feedback to help them choose the shortlist for this years Internet Hero and Internet Villain category as part of their 2022 internet industry awards event, which is due to take place on the 24th November 2022 at the Landmark Hotel in London.

Last years event saw Helen Milner (OBE) of the Good Things Foundation being named as the ISPAs Internet Hero for the groups efforts to tackle digital inclusion. Meanwhile, the Internet Villain category is returning this year after a long absence, which seemed to start after the ISPA suffered a backlash following their decision to nominate Mozilla for the 2019 award this related to the browser firms DNS-over-HTTPS (DoH) push (here).

As usual, the ISPA are now seeking nominations from members of the public by 28th October 2022. Readers can submit their nominations for either the Internet Hero or Villain categories please submit the name of the individual / organisation to awards@ispa.org.uk, or on social media using the hashtag #internethero or #internetvillain .

New ISPA Chair, Steve Leighton, said:

The annual ISPA awards is a fantastic opportunity to celebrate all things internet over the past 12 months. As part of this, the Internet Hero & Villain awards provide a great opportunity to celebrate those who have contributed to our sector in the past year, whilst also reflecting on some of the serious issues we have faced. We look forward to the sector and the public nominations.

No doubt people will have their own ideas about who or what to nominate for both categories, although the Governments new Online Safety Bill (OSB) and Telecoms Security Laws could potentially fit into both depending upon your perspective.

Go here to read the rest:
ISPA Starts Hunt for UK Internet Hero and Villain in 2022 Awards - ISPreview.co.uk

Read More..
Posted in Internet Security | Leave a Comment

Five things South Africa must do to combat cybercrime – The Conversation

September 7, 2022 | Author: admin

Cyber-attacks are on the rise globally, with seriously negative implications for countries strategic, national, economic and social well-being.

A cyber-attack can be defined as an unauthorised attempt successful or not to infiltrate a computer or computer system for malicious purposes. Reasons for such attacks vary from financial gain to espionage, gathering strategic and national information and intelligence about an adversary. Such an adversary can be a nation state, a corporate entity or a private individual.

The authoritative international Cybercrime Magazine expects global cybercrime costs to grow by 15% a year over the next five years, reaching $10.5 trillion a year by 2025, reporting:

This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, is exponentially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined.

A 2022 report by Surfshark, the Netherlands-based virtual private network (VPN) service company, lists the top 10 countries in the world in terms of cybercrime density. Cybercrime density is defined as the percentage of cyber victims per one million internet users. South Africa is number six on the list, with the UK, the US, Canada, Australia and Greece taking places one to five. The UK, therefore, has the highest cybercrime density. That means it has the most cybercrime. One reason for South Africas poor showing may lie in the fact that a 2020 Accenture report found the countrys internet users were inexperienced and less technically alert.

In May, a data leak at Transunion, a credit management company, reportedly compromised the personal information of 54 million South Africans. President Cyril Ramaphosa was among the victims.

In 2021 a successful cyber-attack on Transnet, the transport parastatal, brought container terminals to a standstill, disrupting imports and exports. This had massive strategic and economic implications.

Cybercriminals are increasingly moving from targeting enterprise systems to the end users the employees who operate computers and have access to the enterprises corporate data and network systems.

Poor cybersecurity awareness and training of end users is one reason cyber-attacks succeed in South Africa. In both the Transunion and Transnet attacks, unauthorised access was gained via end users.

Cyber-attacks are expected to grow in sophistication as criminals exploit such technologies as artificial intelligence. I am a cybersecurity expert and academic who has watched the growing problem of cyber-attacks in South Africa and internationally over the last 30 years. In my experience, five key ingredients need to be in place in the cybersecurity ecosystem to fight cybercrime in South Africa:

recognition of cybercrime as a governance issue

skilled practitioners and advisors

savvy citizens

public-private partnership

a dedicated national director of cybersecurity.

1. Fighting cybercrimes must be a governance issue

This is a core principle in all national and international good corporate governance practices. In private companies that role falls on the boards of directors and executive management. Its part of the oversight and code of conduct of top management.

For the government it means that the president and cabinet should be responsible for ensuring that the country is resilient against cyber-attacks.

2. Skilled cyber practitioners and advisors are vital

There is a dire need for cybersecurity capacity globally. South Africa is no exception.

This shortage is experienced both in government and in the private sector. South Africa needs a large number of cybersecurity practitioners and advisers to help users to identify and prevent cyber-attacks. These should ideally be available in all government institutions, including every municipality, hospital and school.

The skills shortage is being addressed by universities and private colleges, but this is but a drop in the ocean because the output is limited and takes several years to produce. The fact is that such cybersecurity practitioners do not necessarily all have to have university degrees. In the UK, for example, the governments National Cybersecurity Centre has a programme called CyberFirst, directed towards schools.

Such a programme could have significant benefits for South Africa, including providing jobs for talented young people who do not have the money or interest to pursue tertiary studies.

3. Citizens must be cybercrime savvy

All computer end users must be empowered to be cybercrime fighters to make the country, companies and other institutions more resilient.

Security is everyones job. Everyone from the entry-level to top management should know how to identify and report breaches so they can defend the enterprise.

New, more effective approaches must be found to make end users more aware of cyber risks and integrate them better into the enterprises cyber defences. One example of such a new approach can be modelled on the idea of a human firewall, where every end user understands that he or she is part of the cyber defence of the country or company, and acts in that way.

4. Public-private partnership is imperative

The government cannot fight cybercapture on its own. Most of the present cyber expertise lies in the private sector. The private sector is basically running a major part of South Africas critical information infrastructures such as for banks, internet service providers and cellphone service companies.

Public-private partnerships must be established as soon as possible to combat cybercrimes. This idea is already provided for in the original National Cybersecurity Policy Framework of 2013. But the political will from government to make it work seems missing and no such partnerships have really developed.

5. Have a dedicated national cybersecurity director

Cybersecurity experts and functionaries in the government and the private sector often operate in independent silos. Nobody has the required helicopter view and oversight of the status of cybercrime in the country.Not sharing scarce cybersecurity expertise between role players ends up in expensive duplication of expensive software systems and training, which could be more widely available.

South Africa needs a national bureaucrat, or national cybersecurity director to play an oversight role. The office must act as a single point of contact for all cyber-related matters in the country. The incumbent must be technically skilled in cyber matters, and have the trust of both government and private sector role players.

He or she must report directly to parliament something like Chapter 9 institutions, which strengthen the countrys democracy as provided under the constitution.The US, the UK and Rwanda have all created such a position or agency.

Read the rest here:
Five things South Africa must do to combat cybercrime - The Conversation

Read More..
Posted in Internet Security | Leave a Comment

CCNY to expand blockchain and crypto research and teaching – The City College of New York News

September 5, 2022 | Author: admin

Rosario Gennaro, professor of computer science in The City College of New Yorks Grove School of Engineering, is the recipient of a five-year $850,000 grant to further CCNYs contributions to the advancement of blockchain systems. The funding is part of a five-year, $5.75 million grant by the Algorand Foundation to a Yale University-led consortium. The Foundation is the charitable arm of blockchain company Algorand, founded in 2017 by Silvio Micali of the Massachusetts Institute of Technology.

The main focus of the CCNY grant, which is eligible for renewal at the end of the five-year period, is on education. It will be used to provide more opportunities for students to study and participate in this burgeoning field.

The cornerstone of the program will be a six-week summer institute for undergraduates to learn about blockchain and cryptocurrencies, through a combination of lectures, projects and exposure to cutting-edge research. Modeled after the National Science Foundation's Research Opportunities for Undergraduates program, the summer institute will provide scholarships to the participating students.

This will allow our students to really get their hands on what working in blockchain and crypto areas is like through an intense summer experience, said Gennaro, who also directs City Colleges Center for Algorithms and Interactive Scientific Software. There are many good jobs in this area, and this will help students get a foot in the door.

Gennaro added that the evolution of the World Wide Web and the emergence of blockchain technology which can be described simply as a public ledger portends a greater demand for software engineers.

Web1 was limited to data users, he said. We are now in Web2, in which users are active participants in large centralized systems such as Google and Facebook -- which own the data. The dream of Web3 is that of a fully decentralized architecture, one in which you own and control the data that you put on the web.

Blockchain is the main component of that dream, as it permits that access.

There is a great demand for Web3 engineers, he said.

Gennaro has also moved to hire professionals to fill the ranks of the faculty. He recently lured computer scientist Allison Bishop from Columbia University to teach courses in artificial intelligence. He has also bolstered the graduate program in cybersecurity by increasing financial and logistical support.

Yale, meanwhile, will use its grant to establish a Center for Privacy, Accountability, Verification and Economics of Blockchain Systems, to be led by Charalampos Papamanthou, a Yale computer scientist. Gennaro and other CCNY computer scientists will also be faculty members of the Center.

About the City College of New YorkSince 1847, The City College of New York has provided a high-quality and affordable education to generations of New Yorkers in a wide variety of disciplines. CCNY embraces its position at the forefront of social change. It is ranked #1 by the Harvard-based Opportunity Insights out of 369 selective public colleges in the United States on the overall mobility index. This measure reflects both access and outcomes, representing the likelihood that a student at CCNY can move up two or more income quintiles. In addition, the Center for World University Rankings places CCNY in the top 1.8% of universities worldwide in terms of academic excellence. Labor analytics firm Emsi puts at $1.9 billion CCNYs annual economic impact on the regional economy (5 boroughs and 5 adjacent counties) and quantifies the for dollar return on investment to students, taxpayers and society. At City College, more than 16,000 students pursue undergraduate and graduate degrees in eight schools and divisions, driven by significant funded research, creativity and scholarship. CCNY is as diverse, dynamic and visionary as New York City itself. View CCNY Media Kit.

See more here:

CCNY to expand blockchain and crypto research and teaching - The City College of New York News

Read More..
Posted in Computer Science | Leave a Comment

Research Shows That Artificial Sweeteners Can Have Unexpected Effects on the Body – SciTechDaily

September 5, 2022 | Author: admin

The study demonstrates that non-nutritive sweeteners have an effect on the human body.

According to a controlled experiment, these sugar substitutes have a variety of impacts on peoples gut microbes and glucose metabolism.

Artificial sweeteners and sugar replacements, also referred to as non-nutritive sweeteners, claim to provide all the sweetness of sugar without the calories. However, contrary to popular assumption, such sweeteners are not inert: They do have an impact on the human body, according to a controlled trial conducted by Weizmann Institute of Science researchers and published in the journal Cell.

In fact, some can influence the trillions of microorganisms that reside in our guts and regulate our blood sugar levels by altering the microbiomes of human consumers. Furthermore, different individuals respond to sweeteners in very different ways.

A Weizmann Institute study on mice conducted in 2014 revealed that certain non-nutritive sweeteners could be causing the alterations in sugar metabolism that they are meant to prevent. A team of researchers led by Professor Eran Elinav of Weizmanns Systems Immunology Department screened roughly 1,400 prospective volunteers in the new experiment, choosing 120 who carefully avoided any artificially sweetened foods or beverages.

Six groups were then formed out of the volunteers. Participants in four of the groups received sachets containing one of the following sweeteners: saccharin, sucralose, aspartame, or stevia, each in quantities that were below the recommended daily consumption. The two other groups acted as controls.

The research was led by Dr. Jotham Suez, a former graduate student of Elinavs who is now a principal investigator at the John Hopkins University School of Medicine, and Yotam Cohen, a graduate student in Elinavs lab. It was carried out in partnership with Professor Eran Segal of Weizmanns Computer Science and Applied Mathematics and Molecular Cell Biology Departments.

The researchers found that two weeks of consuming all four sweeteners changed the composition and function of the microbiome and of the small molecules the gut microbes secrete into peoples blood each sweetener in its own way. They also found that two of the sweeteners, saccharin, and sucralose, strongly altered glucose tolerance that is, proper glucose metabolism in the recipients. Such alterations, in turn, could contribute to metabolic disease. In contrast, no changes in either the microbiome or glucose tolerance were found in either of the two control groups.

The changes in gut microbes caused by sweeteners were strongly associated with changes in glucose tolerance. These findings reinforce the view of the microbiome as a hub that integrates the signals coming from the human bodys own systems and from external factors such as the food we eat, the medications we take, our lifestyle and physical surroundings, Elinav says.

To check whether changes in the microbiome were indeed responsible for impaired glucose tolerance, the researchers transplanted gut microbes from more than 40 trial participants into groups of germ-free mice that had never consumed non-nutritive sweeteners. In each trial group, the transplants had been collected from several top responders (trial participants featuring the biggest changes in glucose tolerance) and several bottom responders (those featuring the least changes in glucose tolerance).

Strikingly, recipient mice showed patterns of glucose tolerance that largely reflected those of the human donors. Mice that received microbiomes from the top responders had the most pronounced alterations in glucose tolerance, compared to mouse recipients of microbiomes from bottom responders and from human controls. In follow-up experiments, the researchers determined how the different sweeteners affected the abundance of specific species of gut bacteria, their function, and the small molecules they secrete into the bloodstream.

Our trial has shown that non-nutritive sweeteners may impair glucose responses by altering our microbiome, and they do so in a highly personalized manner, that is, by affecting each person in a unique way, Elinav says. In fact, this variability was to be expected, because of the unique composition of each persons microbiome.

Elinav continues: The health implications of the changes that non-nutritive sweeteners may elicit in humans remain to be determined, and they merit new, long-term studies. In the meantime, its important to stress that our findings do not imply in any way that sugar consumption, shown to be deleterious to human health in many studies, is superior to non-nutritive sweeteners.

Reference: Personalized microbiome-driven effects of non-nutritive sweeteners on human glucose tolerance by Jotham Suez, Yotam Cohen, Rafael Valds-Mas, Uria Mor, Mally Dori-Bachash, Sara Federici, Niv Zmora, Avner Leshem, Melina Heinemann, Raquel Linevsky, Maya Zur, Rotem Ben-Zeev Brik, Aurelie Bukimer, Shimrit Eliyahu-Miller, Alona Metz, Ruthy Fischbein, Olga Sharov, Sergey Malitsky, Maxim Itkin, Noa Stettner, Alon Harmelin, Hagit Shapiro, Christoph K. Stein-Thoeringer, Eran Segal and Eran Elinav, 19 August 2022, Cell.DOI: 10.1016/j.cell.2022.07.016

The study was funded by the Jeanne and Joseph Nissim Center for Life Sciences Research, the Swiss Society Institute for Cancer Prevention Research, the Sagol Institute for Longevity Research, the Sagol Weizmann-MIT Bridge Program, the Norman E Alexander Family M Foundation Coronavirus Research Fund, the Leona M. and Harry B. Helmsley Charitable Trust, the Rising Tide Foundation, Mike and Valeria Rosenbloom Foundation, the Adelis Foundation, the Ben B. and Joyce E. Eisenberg Foundation, the Isidore and Penny Myers Foundation, Miel de Botton, the Vainboim Family, and Charles S. Rothschild.

Read more:

Research Shows That Artificial Sweeteners Can Have Unexpected Effects on the Body - SciTechDaily

Read More..
Posted in Computer Science | Leave a Comment

The AI Researcher Giving Her Field Its Bitter Medicine – Quanta Magazine

September 5, 2022 | Author: admin

Anima Anandkumar, Bren Professor of computing at the California Institute of Technology and senior director of machine learning research at Nvidia, has a bone to pick with the matrix. Her misgivings are not about the sci-fi movies, but about mathematical matrices grids of numbers or variables used throughout computer science. While researchers typically use matrices to study the relationships and patterns hiding within large sets of data, these tools are best suited for two-way relationships. Complicated processes like social dynamics, on the other hand, involve higher-order interactions.

Luckily, Anandkumar has long savored such challenges. When she recalls Ugadi, a new years festival she celebrated as a child in Mysore (now Mysuru), India, two flavors stand out: jaggery, an unrefined sugar representing lifes sweetness, and neem, bitter blossoms representing lifes setbacks and difficulties. Its one of the most bitter things you can think about, she said.

Shed typically load up on the neem, she said. I want challenges.

This appetite for effort propelled her to study electrical engineering at the Indian Institute of Technology in Madras. She earned her doctorate at Cornell University and was a postdoc at the Massachusetts Institute of Technology. She then started her own group as an assistant professor at the University of California, Irvine, focusing on machine learning, a subset of artificial intelligence in which a computer can gain knowledge without explicit programming. At Irvine, Anandkumar dived into the world of topic modeling, a type of machine learning where a computer tries to glean important topics from data; one example would be an algorithm on Twitter that identifies hidden trends. But the connection between words is one of those higher-order interactions too subtle for matrix relationships: Words can have multiple meanings, multiple words can refer to the same topic, and language evolves so quickly that nothing stays settled for long.

This led Anandkumar to challenge AIs reliance on matrix methods. She deduced that to keep an algorithm observant enough to learn amid such chaos, researchers must design it to grasp the algebra of higher dimensions. So she turned to what had long been an underutilized tool in algebra called the tensor. Tensors are like matrices, but they can extend to any dimension, going beyond a matrixs two dimensions of rows and columns. As a result, tensors are more general tools, making them less susceptible to overfitting when models match training data closely but cant accommodate new data. For example, if you enjoy many music genres but only stream jazz songs, your streaming platforms AI could learn to predict which jazz songs youd enjoy, but its R&B predictions would be baseless. Anandkumar believes tensors make machine learning more adaptable.

Its not the only challenge shes embraced. Anandkumar is a mentor and an advocate for changes to the systems that push marginalized groups out of the field. In 2018, she organized a petition to change the name of her fields annual Neural Information Processing Systems conference from a direct acronym to NeurIPS. The conference board rejected the petition that October. But Anandkumar and her peers refused to let up, and weeks later the board reversed course.

Quanta spoke with Anandkumar at her office in Pasadena about her upbringing, tensors and the ethical challenges facing AI. The interview has been condensed and edited for clarity.

In the early 1990s they were among the first to bring programmable manufacturing machines into Mysore. At that time it was seen as something odd: We can hire human operators to do this, so what is the need for automation? My parents saw that there can be huge efficiencies, and they can do it a lot faster compared to human-operated machines.

Yeah. And programming. I would see the green screen where my dad would write the program, and that would move the turret and the tools. It was just really fascinating to see understanding geometry, understanding how the tool should move. You see the engineering side of how such a massive machine can do this.

My mom was a pioneer in a sense. She was one of the first in her community and family background to take up engineering. Many other relatives advised my grandfather not to send her, saying she may not get married easily. My grandfather hesitated. Thats when my mom went on a hunger strike for three days.

As a result, I never saw it as something weird for women to be interested in engineering. My mother inculcated in us that appreciation of math and sciences early on. Having that be just a natural part of who I am from early childhood went a long way. If my mom ever saw sexism, she would point it out and say, No, dont accept this. That really helped.

Original post:

The AI Researcher Giving Her Field Its Bitter Medicine - Quanta Magazine

Read More..
Posted in Computer Science | Leave a Comment