Tech
EnlargeAurich / Getty

Internet Relay Chat (IRC) turned 30 this August.

The venerable text-only chat system was first developed in 1988 by a Finnish computer scientist named Jarkko Oikarinen. Oikarinen couldn't have known at the time just how his creation would affect the lives of people around the world, but it became one of the key early tools that kept Ars Technica running as a virtual workplace—it even lead to love and marriage.

To honor IRC's 30th birthday, we're foregoing the cake and flowers in favor of some memories. Three long-time Ars staffers share some of their earliest IRC interactions, which remind us that the Internet has always been simultaneously wonderful and kind of terrible.

Lee Hutchinson, Senior technology editor

June 20, 1995 was the day I logged onto the Internet for the very first time.

It wasn't my first time being "online"—as a veteran of the 713 BBS scene, I was well acquainted with the world behind my modem—but "the Internet" was a thing about which I had only the vaguest of understandings. However, thanks to a NetCruiser account (handed out gratis by Netcom to Babbage's employees like me so that we'd be more likely to recommend the service to net-hungry customers), I found myself eagerly confronting the Internet of mid-1995. To my BBS-trained provincial self, it seemed almost impossibly vast.

I just wanted to talk about Descent!
Enlarge / I just wanted to talk about Descent!Andros 1337/Wikimedia Commons

NetCruiser was an all-in-one package that bundled together clients for email, telnet, finger, FTP, IRC, and the nascent World Wide Web into a single Windows application. It also came with its own dial-up TCP/IP stack, eliminating the need to screw around with Trumpet Winsock or its contemporaries. You simply typed in your NetCruiser account name and password and the application did the rest, dialing into the closest Netcom POP and handing you an IP address. It was kind of a middle ground between the walled gardens of AOL and CompuServe and the free-for-all of a direct university connection—there were some training wheels, but it was the actual-for-real Internet.

Clicking around on that long ago June afternoon, I found myself drawn to IRC. I had no idea what "Internet Relay Chat" was, but I assumed that I could talk to other people. Clicking NetCruiser's IRC button brought up a list of channels on EFNet (though this was before IRC's Great Split, and you could join other networks if desired), and that list was bewildering indeed.

But what to talk about? There were so many channels! Some were obvious (#sex seemed like it probably contained what it said on the tin), while some were inscrutable and lacked channel descriptions. One near the top of the list jumped out at me—#descent. I was a rabidly outspoken fan of Parallax's six-degrees-of-freedom space shooter, and the chance to chat with other Descent players seemed jaw-droppingly awesome. We could talk about strategy and tactics! We could talk about that damned level seven boss! Oh, this was going to be amazing!

Eagerly, I clicked and joined the channel. NetCruiser's IRC interface came up, with a layout similar to most graphical IRC clients—a participant list on the left, message window center, and a text entry field at the bottom. I typed my first words into the channel, anticipating that I would soon be talking to dozens of new friends.

There was a moment of silence, and then something odd happened. The channel went blank. The list of users disappeared, and NetCruiser politely played the Windows alert chime through the speakers. At the bottom of the IRC window, a new message now stood alone:

"You have been kicked from channel #descent for the following reason: fuck off newbie"

I guess the Internet of 1995 wasn't that different from the Internet of 2018.

Sam Machkovech, Tech culture editor

Some of my earliest IRC stories can be found in a feature-length story about my first girlfriend, who I met through IRC. But before romance bloomed in 1997, I spent the prior year just trying to get online—and then screwing with people's heads in adults-only chat rooms.

Yes: before I jumped into the world of blind online trust, of believing that another user was telling the truth about her age, gender, and location (A/S/L?!), I was passionate about blowing up other people's trust.

Comic Chat made your chats... into comics.
Enlarge / Comic Chat made your chats… into comics.Bloodshedder/Wikimedia Commons

I don't tell this story with any sense of pride. Nor do I remember what compelled me to fake like a 22/F/Denver with some fetching handle. If my memory serves correctly, this was a reaction to the Microsoft-developed IRC client (Comic Chat) that came with my version of Windows 95 and featured a range of "sexy" cartoon avatars. Did people really use these?

For the uninitiated, Comic Chat turned plain-text chat rooms into black-and-white comic strips. Messages included metadata that the app would convert to specific visual cues (particularly "emotions" on the cartoon avatars' faces). The first general-interest chat rooms I landed in consistently suffered from a "swarm" syndrome, where any chatter who chose the voluptuous, crop-top-wearing character Anna would dominate the comic panels. Chatters would appear in the app's comic panels every time they were called out by name. Thus, any Anna users would appear over and over thanks to namechecks—and compliments about how the default cartoon looked.

Something about this tickled me, a high school loner with a superiority complex. "I'm so much better than these idiots," I probably said to myself while wearing a Throwing Copper T-shirt and cargo shorts my mom had bought for me. "I'll show them."

So, after a few anxious glances around my family's computer room, I'd log into channels like #adultsonly and #XXXchat, use the Anna avatar, and watch my "whisper" messages pile up. I typed whatever filthy stuff I could muster—gleaned from my older sister's advice-column magazines and my older brother's hidden box of skin mags, along with my own 15-year-old guesses about female anatomy. Like clockwork, I received typo-ridden messages about how hot I was.

That was the point at which I said I was ready to start a file transfer, so the chatter in question could see the lingerie in which I'd been typing. I grabbed a photo of an older, hairier guy from some GeoCities page, changed the file name, and hit send.

"There," I said to myself upon seeing the all-caps angry response land in my whisper channel. "I've changed the world today."

This wasn't some constant sociopathic practice. I did it only a few times, though I recall busting it out as a party trick if I was ever with a group of friends at an Internet-connected house. (I really only had one "impressive" skill at the time, a typing speed above 100 WPM, and this was clearly the best way to strut my nerdy peacock feathers.)

It's embarrassing to think back on this practice. But remembering it again now it convinced me that I could combine that teenaged assholery with years of technology writing and reporting to become a world-class phisher—should this Ars Technica thing not pan out.

I have Anna to thank for that misplaced confidence.

Original Article

Tech
EnlargeMichael Dodge/Getty Images

Apple has filed its formal opposition to a new bill currently being proposed by the Australian government that critics say would weaken encryption.

If it passes, the "Assistance and Access Bill 2018" would create a new type of warrant that would allow what governments often call "lawful access" to thwart encryption, something that the former Australian attorney general proposed last year.

The California company said in a filing provided to reporters on Friday that the proposal was flawed.

"This is no time to weaken encryption," the company wrote. "There is profound risk of making criminals jobs easier, not harder. Increasingly stronger—not weaker—encryption is the best way to protect against these threats."

Apple took direct aim at what American authorities have called the "going dark" problem—the notion that strong encryption makes it far too difficult for law enforcement to access hardened devices.

The Department of Justice and the FBI have pushed for something similar for decades to no avail—no specific legislation has been put forward in the United States since the failed "Clipper Chip" proposal during the Clinton administration. However, high-ranking DOJ and FBI officials during both the Obama and Trump administrations have continued to lambast this issue.

"Some suggest that exceptions can be made, and access to encrypted data could be created just for only those sworn to uphold the public good," Apple continued. "That is a false premise. Encryption is simply math. Any process that weakens the mathematical models that protect user data for anyone will by extension weaken the protections for everyone. It would be wrong to weaken security for millions of law-abiding customers in order to investigate the very few who pose a threat."

Dozens of other parties filed other briefs, offering up their comments about this proposed legislation.

The Office of the Victorian Information Commissioner expressed similar concerns, as did Riana Pfefferkorn, a Stanford legal fellow, who called the bill "dangerous and misguided."

Meanwhile, the Police Federation of Australia offered its support of the bill.

Original Article

Tech

Security threats from Chinese companies building 5G networks could end up "putting all of us at risk" if they are not tackled quickly, according to a former security minister.

Speaking to Sky News, Admiral Lord West, a former First Sea Lord who served under Gordon Brown as a security minister, urged the government to set up a unit reporting directly to the prime minister to monitor the risk posed by Chinese equipment in 5G.

5G has been hailed as the next great leap for mobile communications, enabling everything from smart cities to hologram calls.

However, the best 5G technology comes from Chinese companies, raising the fear that China's government could have ground-level access to – even control of – the UK's critical data infrastructure.

Image: Lord West is calling for a unit to monitor the risk posed by Chinese equipment in 5G

"We've got to see there's a risk," Lord West said. "Yes, we want 5G, but for goodness sake we need to do all of these things to make sure it's not putting all of us at risk."

In April, the United States banned Chinese multinationals Huawei and ZTE – both specialists in 5G – from selling equipment to the federal government.

In August, the Australian government banned the same two firms from supplying technology for its 5G network, a decision foreign minister Marise Payne described as necessary for "the protection of Australia's national security".

5G SMART CITIES VJU SLATE 0:59
Video: How would 5G 'smart cities' work?

In a statement, Huawei called the decision "politically motivated, not the result of a fact-based, transparent, or equitable decision-making process," adding that "there is no fundamental difference between 5G and 4G network architecture… 5G has stronger guarantees around privacy and security protection than 3G and 4G".

Robert Hannigan, former director of GCHQ, told Sky News an outright ban in the UK would not make 5G safe.

"The best companies in 5G are probably the Chinese ones and there aren't many alternatives," he said, before warning that new measures were needed to test the security of the network.

"We do need to find a way of scrutinising what is being installed in our network, and how it is being overseen and how it is being controlled and how it's being upgraded in the future. And we have to find a more effective way of doing that at scale."

The US banned Chinese firms Huawei and ZTE from selling equipment to the federal government in April
Image: The US banned Huawei and ZTE from selling equipment to the federal government

In April, GCHQ's National Cyber Security Centre warned ZTE could pose a national security risk to the UK.

Two months later, the UK's Huawei Cyber Security Evaluation Centre, a group set up by the government to monitor the Chinese firm, announced that it had "only limited assurance" that Huawei posed no threat to national security

"It was a bit of a warning to Huawei," said Mr Hannigan. "They needed to get better at cooperating and take this more seriously."

Robert Hannigan warned new measures were needed to test the security of the network
Image: Robert Hannigan has warned new measures are needed to test the security of the network

The difficulty for the Huawei Cyber Security Evaluation Centre is knowing for certain that the code it vets and approves is the same code that is going into networks.

"That's been a persistent problem," said Mr Hannigan. "That needs more work."

More from China

The government has put £200m into the development of 5G. Last month, the first 5G pilot centre launched in the West Midlands, testing the technology before a national roll-out.

BT, which uses Huawei to supply parts for its network, told Sky News that it would "apply the same stringent security measures and controls to 5G when we start to roll it out, in line with continued guidance from government".

Original Article

Tech

Did Google just have its Facebook moment?

It certainly feels that way after the search giant admitted late Monday that roughly 500,000 people who use Google+, its much-maligned social networking service, may have had their data illegally shared without their consent with up to 438 outsider developers.

That, in itself, doesnt look good. But the company — which discovered, and fixed, the glitch that allowed the data to be illegally shared in March this year — decided not to tell anyone, neither users nor national regulators.

The Wall Street Journal broke the story, and claimed that a committee inside Google feared the revelation would paint the company alongside Facebook, which had just suffered its own data scandal with Cambridge Analytica, a British data firm.

Heres what you need to know about the Google+ data breach:

What does this all mean? For one, Google is shutting down (or “sunsetting,” in Googlese) its consumer version of the product, which, to be honest, was used about as much as MySpace and Friendster in their time. Google said that no ones personal data ( such as email address, gender and age) had been misused, and that it was making changes to its other data collection practices to reduce the likelihood of further problems.

Thats all well and good, but: By not informing regulators (Google fixed the problem in March, so Europes new privacy standards, known as the General Data Protection Regulation, or GDPR, with its potential blockbuster fines, dont apply), the search engine looks less than forthright. It may claim that no data was mishandled, but thats not going to cut it with regulators who are already on the warpath over how tech companies collect and use reams of our personal data.

Initial reactions: At first, politicians on both sides of the Atlantic were slow off the mark. But early Tuesday, officials started the drumbeat of protests about Googles lax data protection standards. Guy Verhofstadt, a senior member of the European Parliament, called on Sundar Pichai, the companys chief executive, to testify before Brussels lawmakers (thats not very likely). “Its time we tame these tech monsters once and for all!” Verhofstadt wrote on Twitter in his usual mild-mannered way.

Not everyone, though, is casting blame solely on Google. Mounir Mahjoubi, Frances digital minister, said the countrys citizens should take a hard look at how tech companies collect and use their personal data. “We have to realize that today our personal data are not protected properly and they can leak,” Mahjoubi told French radio.

Expect investigations: So whos going to throw the book at Google? In the U.S., the Federal Trade Commission is the most likely agency, though nothing has yet been confirmed. In Europe, its more complicated. Because the data breach happened before the regions new data protection standards came into force, any of the Continents more than 30 national privacy regulators can have a go, as long as they receive a complaint from one of their citizens. Oh boy.

You cant get away from the Facebook link: Google, which privately had been crowing about its own privacy protections before this weeks revelations, is adamant that this scandal is different to Facebooks own Cambridge Analytica — and subsequent data breach — woes. That may be the case, at least on paper.

But you have a large tech company thats collecting lots of personal data, mishandling it, and third-party actors gaining access to it, often by accident.

As the expression goes, if it swims like a duck and quacks like a duck, then it probably is a (privacy scandal) duck.

Read this next: Theresa Mays Northern Irish backers give no ground

Original Article

Tech

LONDON — Move over lobbyists. The real power is with the kids.

In a global debate about how to regulate the tech sector, lawmakers from London to Washington, D.C., are increasingly pointing to their childrens education and well-being as the strongest motivators to draft new rules.

Its easy to see why.

While issues like data protection can be tricky to grasp, there is nothing mysterious about screen addiction, online bullying or excessive use of social media, all of which are the subject of studies suggesting they are potent side effects of technology. Potential harm to children is an emotional argument that short-circuits counterclaims about the danger of restricting free speech or innovation.

Its about the kids, stupid — you might say.

Its fair to say many of those lawmakers have tech experts and consultants living in their homes: their kids.

Tech moguls themselves have shown plenty of awareness that the slick hardware and highly addictive websites theyve created carry risks for kids development.

Microsoft founder Bill Gates limited the amount of time his daughter could spend on the computer. The late Steve Jobs wouldnt let his own kids use an iPad. Facebook chief Mark Zuckerberg — whose company has created a kids version of its messenger service — didnt want his own daughter near the social media platform until she was 13.

Now lawmakers are harnessing those same protective instincts, most prominently at the U.K. Conservative Partys annual conference in Birmingham, where the ruling party got together to brainstorm and float potential new policies.

U.K. Health Secretary Matt Hancock set the kid-friendly tone with an announcement that his office would be publishing official guidelines on the maximum amount of time young people should spend on social media. “I am, as a father, very worried about the growing evidence of the impact of social media on childrens mental health,” he told the Observer.

Facebook CEO Mark Zuckerberg has said he didnt want his daughter on Facebook until she turned 13 | Gerard Julien/AFP via Getty Images

Jeremy Wright, who succeeded Hancock as the U.K.s digital secretary in Prime Minister Theresa Mays government, then pitched in with some clear views on how kids should use tech. “Unsupervised access to the internet is simply dangerous,” he said at a breakfast meeting. “We need parents to understand that, frankly computers, iPads, in my view, are best if they are used in public spaces in the home, not in the kids bedrooms and then at least parents have the chance of walking past occasionally and seeing what their kids are looking at.”

Those comments came after Foreign Secretary Jeremy Hunt, who was previously in charge of health, famously warned Facebook last year to “stay away” from his kids and “act responsibility,” following the launch of Facebook Messenger for kids. Just across the Channel, in France, lawmakers have gone a step further: Theyve outlawed smartphone use at school during collège, or until kids are about 14.

Childish lawmakers

The appeal to kids welfare is an awkward one for tech firms to counter, with the typical response being: Its up to parents to make sure kids are using technology responsibly, and that kid-friendly settings are correctly adjusted. When it comes to enforcing any restrictions by law, the response is typically: Not a good idea.

In fact, tech champions often respond to proposed regulations by saying that the people behind them — elected officials — are not tech-savvy enough to propose anything useful.

In other words, on the tech front, theyre stuck in infancy.

Jack Ma, executive chairman of the Alibaba e-commerce group, suggested as much during a debate at the World Trade Organization in Geneva last week, when he said that government officials should steer clear of trying to regulate e-commerce.

Alibaba Group co-founder and executive chairman Jack Ma | Fabrice Coffrini/AFP via Getty Images

“This is something [that makes] us really worry … they say ah my children are doing that,'” said Ma. “Its their children [who] know how to regulate.”

Politicians who venture into the world of tech without mastering the lingo know that the backlash from the tech community over minor missteps can be blistering. Former U.K. Home Secretary Amber Rudd experienced that first hand when she said, in March 2017, that she wants help from people who “understand the necessary hashtags” in counterterrorism, only to be taken to task for misusing the Twitterverse term for a searchable keyword.

One cybersecurity business leader confronted Rudd during a debate about counterterrorism, saying he is worried that “legislators seem to fail to understand some core basics about how the technology [they] are trying to regulate works.”

But Rudd, who has two children, pushed back at that sort of tech elitism, which depicts politicians as hapless children in a world of technology. When politicians talk about tech, she said, “there is a hate-filled barrage that comes at you. Some of it comes from the PR advisers at some of the large companies that might not like what you are saying, so I have developed a little bit of a thick skin about this one.”

She added: “Of course we dont understand it in a way [the questioner did], but I dont think it should stop us at all to have the confidence to get the expertise from elsewhere and make sure we do protect people.”

Jeremy Wrights parliamentary private secretary, Nigel Huddleston, who was formerly head of travel at Google, acknowledged there is a gap between the world of tech and the world of legislators.

Half of the U.K. parliaments 650 MPs “would probably want to close down the internet tomorrow,” he joked, quipping that many of them struggled to turn on a photocopier.

“We are quite old school still in parliament, not the most technologically advanced group of people, making these important decisions,” he said on stage.

But that does not mean they are not getting expert advice, he said, reiterating the lawmakers are not setting policy “in isolation.”

Its fair to say many of those lawmakers have tech experts and consultants living in their homes: their kids.

Original Article

Tech
EnlargeGetty Images | NurPhoto

The attackers who carried out the mass hack that Facebook disclosed two weeks ago obtained user account data belonging to as many as 30 million users, the social network said on Friday. Some of that data—including phone numbers, email addresses, birth dates, searches, location check-ins, and the types of devices used to access the site—came from private accounts or was supposed to be restricted only to friends.

The revelation is the latest black eye for Facebook as it tries to recover from the scandal that came to light earlier this year in which Cambridge Analytica funneled highly personal details of more than 80 million users to an organization supporting then-presidential candidate Donald Trump. When Facebook disclosed the latest breach two weeks ago, CEO Mark Zuckerberg said he didnt know if it allowed attackers to steal users private data. Fridays update made clear that it did, although the 30 million people affected was less than the 50 million estimate previously given. Readers can check this link to see what, if any, data was obtained by the attackers.

On a conference call with reporters, Vice President of Product Management Guy Rosen said that at the request of the FBI, which is investigating the hack, Facebook isnt providing any information about who the attackers are or their motivations or intentions. That means that for now, affected users should be extra vigilant when reading emails, taking calls, and receiving other types of communications. The ability to know the search queries, location check-ins, phone numbers, email addresses, and other personal details of so many people gives the attackers the ability to send highly customized emails, texts, and voice calls that may try to trick people into turning over money, passwords, or other high-value information.

New York Times reporter Mike Isaac summed up the feeling of many affected Facebook users when he tweeted a screenshot of his stolen personal information.

“The fact that they've accessed my location history and search bar searches is particularly screwed up to me,” he wrote. “Excited for hackers to blackmail me with the data on how often i namesearch high school ex girlfriends.”

the fact that they've accessed my location history and search bar searches is particularly screwed up to me.

excited for hackers to blackmail me with the data on how often i namesearch high school ex girlfriends

— rat king (@MikeIsaac) October 12, 2018

Rosen said the breach started on September 14 and was active for 13 days until Facebook engineers fixed three security bugs that attackers had exploited in unison to obtain access tokens that keep users logged in to their accounts without requiring them to re-enter their passwords. The hack involved the "view as" feature that allows users to see how their account profiles look to others. It also involved a video upload feature. In all, the three-bug vulnerability that they exploited was active for more than two years. Rosen said he can't rule out that the different campaigns exploited the same vulnerability during that time.

The attackers, he said, began the attack by obtaining the access tokens of 400,000 seed accounts. The attackers were able to view largely the same information the users of the 400,000 compromised accounts could when viewing their own profiles, including timeline posts, a list of friends, groups the users belonged to, and the names of messenger conversations. The message content wasnt exposed except if the compromised account belonged to a page admin. The attackers then obtained access tokens for about 29 million users who were friends, or friends of friends, of these 400,000 seed accounts.

For a second group of about 15 million users, attackers stole names and contact details such as phone numbers and email addresses. The attackers stole the same names and contact information from a third group of about 14 million compromised accounts, along with additional details such as gender, relationship status, connected devices, and birthdates.

Rosen declined to say how the attackers went undetected for almost two weeks as they accessed 30 million accounts. Typically, large websites have measures in place to flag when a single person or a group of people with common or related IP addresses are logging in to a suspiciously large number of accounts. Its possible the attackers used VPNs or a botnet of infected computers to disguise their activity.

Rosen said the 30 million affected accounts were broadly distributed around the world, but he declined to give a breakdown. While he declined to say what Facebook officials know about the attackers or their motivations for stealing the data, he said Facebook has no reason to believe the hack had any connection to the midterm elections scheduled for next month.

Original Article

Tech
Enlarge / Flint Mayor Karen Weaver, pictured, called the award "just disrespectful."Getty | Bill Pugliano

Health officials in Michigan this week honored Dr. Eden Wells with the states top award for an eminent career in public health—despite that Wells is currently facing several charges in connection with the Flint water crisis, including involuntary manslaughter.

On Wednesday, the Michigan Department of Health and Human Services (MDHHS) announced that Wells was awarded the Roy R. Manty Distinguished Service Award from the Michigan Association for Local Public Health (MALPH) and the Michigan Public Health Association (MPHA).

The award is described by the two associations as the “highest individual award given by the local public health community.”

In a statement, Dr. Annette Mercatante, president of MALPH, explained the selection, saying:

Dr. Wells consistently provides local public health departments and practioners[sic] timely (usually immediate), intelligent, expert, reliable, and compassionate support for the entire array of expected and unexpected community health issues that arise daily in our State. Her contribution to the health and well-being of the people of Michigan is huge and greatly appreciated by all those privileged to work with her, and should be acknowledged on behalf of every person who lives or works in Michigan.

Wells took up the job of the chief medical executive for MDHHS in May 2015. That was just a year after state-appointed emergency managers made the catastrophic decision to switch the city of Flints water supply to cut costs. The swap from treated water sourced from Lake Huron and the Detroit River to improperly treated water from Flint River caused lead and other heavy metals from aging plumbing to pour into the citys water, exposing residents to dangerous levels.

Researchers also linked the water crisis to a flood of Legionnaires disease cases. The potentially life-threatening disease is caused by Legionella bacteria, which may have festered in the citys pipes after the improper treatment interfered with disinfectants and released bacterial nutrients into the tap water. Officials tallied around 100 Legionnaires cases, leading to 12 deaths in the wake of the water switch.

Flood of charges

Wells charge of involuntary manslaughter is linked to one of those 12 deaths—that of John Snyder in 2015. Prosecutors allege that Wells knew about the Legionnaires outbreak as early as March of 2015 but failed to warn the public. They also allege that she later lied about when she learned of the outbreak, saying it wasnt until late September or early October. The MDHHS did not issue a public advisory about the outbreak until January of 2016.

Wells was unexpectedly slapped with the involuntary manslaughter charge in October of last year. The charge was added to others, including willful neglect of duty, misconduct in office, and lying to a peace officer. Wells allegedly threatened to withhold funding from the Flint Area Community Health and Environment Partnership if it continued to investigate the outbreak, prosecutors say.

In light of the allegations, officials in Flint were stunned by her award. Flint Mayor Karen Weaver released a news statement Thursday, October 11, saying:

How is one honored for public health when they did not protect the health of the public? While I understand that we are innocent until proven guilty in this country, this is just disrespectful.

Wells legal team and supporters say Wells has been wrongly charged in the case and has championed the health of Flint residents in the wake of the water problems.

An additional 14 current and former state and local officials were criminally charged in connection with the water crisis. Five of those officials also face involuntary manslaughter charges, including director of Michigans Department of Health and Human Services, Nick Lyon.

Original Article

Tech

Archaeologists have discovered the body of a 10-year-old child at an ancient Roman site in Italy which they believe was ritually buried to prevent it rising again from the dead.

The skeletal remains were found by archaeologists from the University of Arizona (UA) and Stanford University, alongside Italians, with a stone placed purposefully in the child's mouth.

According to researchers, the stone was intentionally inserted as part of a funeral ritual designed to stopper disease and the body from rising after being buried.

The unusual so-called "vampire burial" was described as "extremely eerie and weird" by archaeologist and professor David Soren, who has been excavating the site in Teverina since 1987.

"I've never seen anything like it," said Professor Soren, a Regents' Professor in the UA school of anthropology and department of religious studies and classics.

"Locally, they're calling it the 'Vampire of Lugnano'."

The find was unearthed at La Necropoli dei Bambini, or the Cemetery of Children, a burial site which dates back to a malaria outbreak in 400 AD which killed many vulnerable babies and small children in the area.

Image: The 'vampire burial' was of a child from 400AD in Italy. Pic: David Pickel/Stanford

Archaeologists had previously believed the cemetery was exclusively for infants, toddlers and unborn fetuses – with the eldest body found of more than 50 burials being a three-year-old girl.

However the discovery of the 10-year-old, whose age could be measured from dental development but whose sex is unknown, suggests that it may have been a burial location for older children as well, according to bioarchaeologist Jordan Wilson.

"There are still sections of the cemetery that we haven't excavated yet, so we don't know if we'll find other older kids," said Mr Wilson, a doctoral student in anthropology at UA.

Excavation director David Pickel said: "Given the age of this child and its unique deposition, with the stone placed within his or her mouth, it represents, at the moment, an anomaly within an already abnormal cemetery,"

The UA and Stanford academic added: "This just further highlights how unique the infant – or now, rather, child – cemetery at Lugnano is."

The rock that was inserted into the child's mouth in this so-called "vampire burial." Credit: David Pickel/Stanford University
Image: The rock that was inserted into the child's mouth. Pic: David Pickel/Stanford

Previous excavations at La Necropoli dei Bambini have revealed the bones of infants and toddlers alongside objects associated with witchcraft and magic, including raven talons, toad bones, bronze cauldrons filled with ash and the remains of puppies that appear to have been sacrificed.

The body of the three-year-old girl discovered at the site had stones weighing down her hands and feet, a ritual practice used by many different cultures throughout history to prevent the dead from rising from their graves.

More from Italy

"We know that the Romans were very much concerned with this and would even go to the extent of employing witchcraft to keep the evil – whatever is contaminating the body – from coming out," said Professor Soren.

"It's a very human thing to have complicated feelings about the dead and wonder if that's really the end," Mr Wilson said.

Original Article

Tech

Facebook hackers who compromised the security of millions of users trawled through lists of friends, the company has revealed.

People's phone numbers and email addresses may have been read, the social network has admitted.

It also said it had "not ruled out the possibility of smaller-scale attacks".

The firm said last month that a feature called "View As", which allows users to see what their profile looks like to someone else, had become vulnerable.

That stemmed from a change the California-based company made to its video uploading feature in July 2017.

In a new update issued on Friday, Facebook said the "attackers" accessed two sets of information belonging to 15 million people – name and contact details.

These could include both phone number and email, it said, "depending on what people had on their profiles".

For a further 14 million people, hackers accessed the same information, plus "other details people had on their profiles".

The company said: "This included username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or pages they follow, and the 15 most recent searches."

Image: Facebook says it is 'cooperating with the FBI'

The accounts were found after the hackers initially stole the access tokens of "about 400,000 people", using an "automated technique to move from account to account".

The company added: "This technique automatically loaded those accounts' Facebook profiles, mirroring what these 400,000 people would have seen when looking at their own profiles.

"That includes posts on their timelines, their lists of friends, groups they are members of, and the names of recent Messenger conversations."

After saying last month that about 50 million people were affected, Facebook has now revised that figure down to 30 million.

One million people's information was not accessed at all, it said.

The attack "did not include Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts".

Vice President of Product Management, Guy Rosen, said staff had been "working around the clock to investigate".

He added: "We're cooperating with the FBI, which is actively investigating and asked us not to discuss who may be behind this attack."

More from Facebook

Facebook said people could check whether they were affected by going to its help centre.

It also said it would be sending "customised messages to the 30 million people affected to explain what information the attackers might have accessed".

Original Article

Tech
  • The original backglass for the Medieval Madness pinball table. Note the blood on the swords, cigar in the troll's mouth, and bikini-clad woman in the bottom-left corner. Pinball News
  • Medieval Madness' backglass as seen in Pinball FX 3. The blood and cigar have been removed and the woman clad in heavier clothes.
  • The original playfield art for Fish Tales. Planetary Pinball Supply
  • A section of the Fish Tales playfield in Pinball FX 3. Close but no cigar.

Earlier this week, Zen Studios released its first set of four licensed Bally/Williams pinball tables as DLC for its popular Pinball FX3 digital simulation. That came as welcome news in the pinball community after 60 such licensed tables were removed from Farsight's competing The Pinball Arcade earlier this year.

But those new digital tables come with artistic alterations the developers say were made "to meet our age rating obligations" for the E10+-rated game. And those changes have some authenticity-focused pinball fans up in arms.

Pinball FX 3's digital recreations of the iconic Medieval Madness, Fish Tales, and Junk Yard tables feature many modifications to the original playfield, backglass, and side table art. Scantily clad women have been covered up with additional clothes or obstructions. Bloody swords have been cleaned. Cans of beer have been relabeled to be cans of soda. Characters smoking cigars have had the "pertinent items" (as the game's legal notice puts it) removed from their mouths.

In console versions of the game, the tables are also stuck on "Family Mode" settings, censoring spoken voice clips such as Medieval Madness' famous "I'm Lord Howard Hurtz, who the fuck are you?!" This setting can be toggled in the options for the Steam version of the game, which does not seem to have an official ESRB rating (but which does still feature the edits to the table art).

All of these changes are ostensibly to put the games' content in line with Pinball FX3's E10+ rating from the ESRB, which includes content descriptors for "Fantasy Violence" and "Mild Language." But versions of these tables that were previously available in The Pinball Arcade contained no such edits to the original art, even though that game also received an E10+ rating from the ESRB. (The Pinball Arcade did earn additional ESRB descriptors for "alcohol reference," "mild blood," and "suggestive themes," however).

The Pinball Arcade's ESRB Rating Summary explicitly makes note of content like "brief instances of violence," "an image of an altar with streaks of blood," "women wearing low-cut tops," "frothy mugs of beer," and "the word 'b*tchin.'" None of this content was deemed incompatible with that E10+ rating at the time, suggesting either that the ESRB has changed its standards or Zen Studios is being over-cautious in its modifications.

Who is this for?

Zen Studios didn't respond to a request for comment from Ars Technica. In a legal notice included with the game, though, the developer writes, "while painstakingly trying to keep the experience of playing these classic pinball tables as authentic and as close to the original as possible, in order to meet our age rating obligations, we were compelled to tone down or adjust the following pertinent contents of the table."

In an FAQ posted last month, Zen also notes that it is "very aware that certain tables, such as Medieval Madness, have content that cannot be included in an E10+ rated game… This is a complicated issue with varying ideas and opinions, and it directly intersects huge stakeholders including legal, business, product, and community. Zens first obligation is to provide age-appropriate content within the games rating. We hear from both sides… and we will work to find the right balance for this situation."

These artistic changes might seem relatively small, especially considering that many are limited to backglass and side art that is rarely visible when playing these digital recreations (and none of these changes affect the physics or gameplay of the tables directly). But that hasn't stopped many pinball aficionados from complaining about the changes online.

"Personally I'm not against promoting pinball to youngers [sic], but doing it in way of cutting out content from tables is ruining whole idea of proper tables recreation which many of us were waited for for so long time and finally have license of guys with enough skill and expirience [sic] to do it right," user russian_martian writes on the game's Steam forums.

"I work in the Pinball Reproduction industry and let me tell you, 'We,' including myself are some of the most picky people you could ever know," user Canadian Badass adds in a separate thread. "We like our pinball authentic, right down to a shade of color being incorrect can throw everyone into a talespin. So those who think that removing that little cigar from the mouth on Fishtales is not a big deal, those are surely mistaken."

Some pinball fans also worry about what this kind of self-censorship might mean for future Pinball FX3 recreations of classic tables, some of which include scenes of violence (Terminator 2: Judgement Day), gambling (Jack Bot), or partial nudity (The Machine: Bride of Pin-Bot).

It's hard to blame Zen Studios for not wanting to risk a somewhat risque T rating that could limit the game's sales among content-conscious families. At the same time, the core audience for a recreation like this is probably adults who grew up during pinball's heyday, and that audience likely wants those classic tables recreated as authentically as possible.

(For what it's worth, we're also not aware of any arcade owners who kept these original tables in age-gated rooms away from children's sensitive eyes.)

Zen Studios also seems aware of the primary audience for these recreations. In a "Making Of" video posted on YouTube, Zen Designer Gergo Kovacs says directly that "our goal is to bring back the feeling when you first looked at these classics in real life." Other designers note in the video that "we are trying to get as close to the original pinball machine as we can get," and that "these machines are going to be as close to realistic as we can make them."

Hopefully some accommodation can be made to thread the needle between the ESRB's ratings requirements and the core audience's desire for authenticity. For now, the compromise position isn't earning Zen Studios a lot of goodwill among classic pinball fans.

Listing image by Pinball News

Original Article