Do You Have 100 Terabytes of Free Storage? Download the Universe

Researchers have prepared the Uchuu simulation of the universe, the most detailed ever made so far. It contains 2.1 trillion “particles” in a space 9.6 billion light-years across.

The simulation models the evolution of the universe across more than 13 billion years. It doesn’t focus on the formation of stars and planets but instead looks at the behavior of dark matter within an expanding universe. The detail of Uchuu is high enough that the team can identify everything from galaxy clusters to the dark matter halos of individual galaxies. Since dark matter makes up most of the matter in the universe, it is the main driver of galaxy formation and clustering.

“Fortunately, if you don’t have that much spare change, you can access the data online. The Uchuu team has their raw data on skiesanduniverses.org, so you can explore their virtual universe all you want.”

Photo by Guillermo Ferla on Unsplash

FTC Reveals its Study on Acquisitions From Big Tech

The Federal Trade Commission will change the way it scrutinizes acquisitions from Big Tech. On Friday it released the findings of its decade-long study on deals that weren’t reported.

The FTC reviewed 616 transactions valued at $1 million or more between 2010 and 2019 that were not reported to antitrust authorities by Amazon, Apple, Facebook, Google and Microsoft. 94 of the transactions actually exceeded the dollar size threshold that would require companies to report a deal. The deals may have qualified for other regulatory exemptions. 79% of transactions used deferred or contingent compensation to founders and key employees, and nearly 77% involved non-compete clauses. 36% of the transactions involved assuming some amount of debt or liabilities.

Apple Once Threatened to Remove Facebook From App Store Over Human Trafficking

On Friday a report claims that Apple once threatened to remove Facebook from the App Store in 2019. The cause was human trafficking. (Original, paywalled report here).

The BBC published a sweeping undercover investigation of the practice, prompting Apple to threaten to remove Facebook from its store, the paper said.

An internal memo found that Facebook was aware of the practice even before then: A Facebook researcher wrote in a report dated 2019, “was this issue known to Facebook before BBC inquiry and Apple escalation?,” per the Journal.

Do the right thing, Apple: Remove Facebook.

The DIY Raspberry Pi Automatic Guitar Tuner

First of all, “music is notably mathematical” is a brilliant pun. Second of all, this project is a brilliant merger of Maker DIY tech and music, especially since the gadget actually turns the pegs for you to tune your guitar strings. This Raspberry Pi project is based on Band Industries’ Roadie 3 automatic tuner. I love the fact that Jean-Gilles not only provides the instructions and source code for the project, but also the 3D printing files.

Music is notably mathematical, so it should come as no surprise that many makers turn to creating their own Raspberry Pi-based solutions for musical problems. Today we’ve got a sharp, problem-solving creation to share from maker Guyrandy Jean-Gilles. Tired of twisting his pegs, Jean-Gilles opted to develop his own Raspberry Pi Pico-powered automatic guitar tuner.

'OSX.ZuRu' Malware Spreads From Trojanized Apps via Sponsored Search Results

The latest Mac malware to be discovered is called OSX.ZuRu. It spreads via infected apps from sponsored search results.

The legitimate and the malicious iTerm2 application bundles contain a massive number of files, including several Mach-O binaries. Moreover, the malicious version appears largely benign (as is the case with most applications that have been surreptitiously trojanized). As such, it takes us a minute to uncover the malicious component.

Health Apps Must Warn Users of Data Breaches, Says FTC

The Federal Trade Commission issued a policy statement on Thursday. It says that health apps and wearable companies must warn their users of data breaches or face fines.

In a policy statement adopted during an open meeting, the Commission noted that health apps, which can track everything from glucose levels for those with diabetes to heart health to fertility to sleep, increasingly collect sensitive and personal data from consumers These apps have a responsibility to ensure they secure the data they collect, which includes preventing unauthorized access to such information.

Excellent news. Now they should make sure the fines are high enough to deter repeat offenders (cough T-Mobile).

PrivacyTools Website Rebrands as Privacy Guides (Update)

PrivacyTools.io is a website I’ve long used to learn about different types of private software. The team announced that it will rebrand as Privacy Guides.

Our work maintaining PrivacyTools has been extremely difficult of late without access to key assets such as the domain and without the participation of its founder.

This name change is the first step in this process of regaining our independence as a community. Eventually, we plan on creating a new legal organization designed around the community to ensure our long-term sustainability. This will take some careful planning and time to get right, but we’re confident we can prevent this from ever happening again, and keep us independent of any one team member.

Update: It appears there is some contention or intra-politics. The official PrivacyTools Twitter account said it is a project split, not a rebrand.

New Products at Mimeo Photos Include Mounted Prints

Mimeo Photos has recently launched mounted photos and expanded its size options for wall decor and photo prints.

Mimeo Photos users can now transform their favorite photos, designs or artwork into a customized mounted wall print to adorn the walls of their home, office or studio. Mimeo Photos also expanded its wall decor category to include eighteen new sizes and added two new sizes to its photo prints offering. As the No. 1 photo product extension in the Mac App store, Mimeo Photos continues to innovate and expand its product offering, while also being available everywhere its customers’ photos are taken and stored.

Inside Project Raven, a Team of Former NSA Analysts Who Worked for the UAE Government

Project Raven was a team that included more than a dozen former U.S. intelligence operatives recruited to help the United Arab Emirates engage in surveillance of other governments, militants and human rights activists critical of the monarchy. Reuters tells the story.

The operatives utilized an arsenal of cyber tools, including a cutting-edge espionage platform known as Karma, in which Raven operatives say they hacked into the iPhones of hundreds of activists, political leaders and suspected terrorists. Details of the Karma hack were described in a separate Reuters article today.

An interesting story. We know that iOS 14.8 patched a vulnerability used by the Pegasus spyware, but I haven’t heard much about Karma.

'SSID Stripping' Can Trick You Into Joining a Malicious Wi-Fi Network

Researchers have discovered a new type of network vulnerability dubbed SSID Stripping. It causes a network name to appear differently in a device’s list of networks, thus tricking people into joining a malicious network.

The SSID Stripping vulnerability affects all major software platforms – Microsoft Windows, Apple iOS and macOS, Android and Ubuntu. With SSID Stripping, it is possible to create a network name in a way that its display only shows a prefix that is similar to a legitimate network name (e.g. the corporate network name) while the actual network name includes the additional specially crafted information.

How to Use Regular Expressions, or Regex, in Shortcuts

Regular expressions, or regex for short, are certain characters used as search functions. They are powerful, confusing tools. Justin Meredith wrote a guide on how to get started.

In case you don’t know, a piece of text within another piece of text is called a “string” in programming. For instance, the word ‘green’ is a string of characters from the text “I wore green pants today.”

So put another way, regex is a way to locate a string of text in a larger body of text. And because regex is written in code, you can use it to perform some pretty complex operations.

Researchers Uncover a Phishing Kit Used by Two Criminal Gangs

Led by Noam Rotem, vpnMentor’s research team has discovered two separate criminal gangs using slightly altered versions of the same phishing kit to scam people across the globe.

It appears the phishing kit was being used to target people mostly living in Israel and France by two separate criminal gangs. However, we believe these two groups operate phishing websites and SMS operations based on the same phishing kit, possibly obtained from the same source. In addition, at least one of them is potentially affiliated with the OpIsrael political hacking group.

‘Ted Lasso’ Stars and Writers Set for Big Pay Day From New Contracts

The stars and writers of Ted Lasso have scored a big day as a result of the Apple TV+ comedy becoming a bonafide hit. Those involved in the contract negotiations for season three include Jason Sudeikis (pictured above, left, with Brendan Hunt), as well as executive producer Bill Lawrence.

Sources say negotiations have been ongoing for the past month or so with central cast members including Emmy nominees Hannah Waddingham (Rebecca), Goldstein, Juno Temple (Keeley) and Hunt, who all scored raises that take them from the $50,000-$75,000 range they earned per episode for seasons one and two to the $125,000-$150,000 territory. Sources say Waddingham, Temple and Goldstein have already closed rich new deals for season three, joining Sudeikis. Goldstein also negotiated a second payday for his role as writer and exec producer on the series, with Hunt doing the same…Other actor deals are also expected to close in the coming weeks as Warners and Apple solidify a new licensing deal, with the latter taking on added costs of the show. As for Lawrence, the prolific writer-producer (Scrubs, Cougar Town, Spin City), is seeking a rich new deal that could admit him into the increasingly crowded nine-figure club other prolific showrunners like Shonda Rhimes, Greg Berlanti and Alex Kurtzman.

Apple Security Updates Fixed iMessage Flaw Used by Pegasus Spyware

The security updates that Apple released today have fixed the zero-click iMessage exploit that NSO Group used for its Pegasus spyware.

What this really highlights is that popular chat programs like iMessage are currently the royal road for nation state groups, and mercenary hackers to target phones. Ubiquitous chat and messaging apps are a serious attack surface. And it’s time for them to get a lot more secure.