Editor’s Note: This is the TechSummit Rewind, a daily recap of the top technology headlines.
Cardinals face FBI inquiry for allegedly hacking Astros’ network
FBI and Justice Department prosecutors are investigating whether St. Louis Cardinal front-office officials hacked into the Houston Astros’ internal networks to steal closely guarded information about player personnel.
Cardinals officials broke into an Astros network that housed special databases the team built, according to law enforcement officials. Internal discussions about trades, proprietary statistics, and scouting ports were compromised, according to officials.
Major League Baseball “has been aware of and has fully cooperated with the federal investigation into the illegal breach of the Astros’ baseball operations database,” according to MLB commissioner Rob Manfred’s spokesman.
“The St. Louis Cardinals are aware of the investigation into the security breach of the Houston Astros’ database. The team has fully cooperated with the investigation and will continue to do so. Given that this is an ongoing federal investigation, it is not appropriate for us to comment further.”
-The St. Louis Cardinals, in a statement
Snapchat debuts first sponsored geofilter at U.S. McDonald’s locations
McDonald’s is now sponsoring a geofilter, location-centric digital stickers that users can use in Snaps taken in specific places. Customers in its U.S. stores can now plaster images of double cheeseburgers and overflowing pouches of fries onto their Snaps.
“Snapchat is about storytelling and geofilters are a fun, visual way for Snapchatters to tell their friends where they are and what they’re up to.”
-Mary Ritti, Snapchat spokeswoman
“Capabilities in the social space like geofilters that help us to authentically connect with our fans, will absolutely be an opportunity that we explore.”
-Jerry Shen, Blaze Pizza senior marketing manager
Google expands security rewards to Android device bugs
Google has launched the Android Security Rewards program, which pays researchers who find and disclose vulnerabilities in the company’s mobile operating system. The program currently supports the Nexus 6 and the Nexus 9.
Eligible bugs include those in Android Open Source Project (AOSP) code, libraries and drivers (OEM code), the Android kernel, and the TrustZone OS and modules. Vulnerabilities in other non-Android code, like the code that runs in chipset firmware, may be eligible if they impact Android’s overall security.
Android Security Rewards includes monetary rewards and public recognition for vulnerabilities disclosed to the Android security team. The reward level is based on the bug’s severity and the report’s quality. Only a vulnerability’s first report will be rewarded.
Google promises to pay for reproduction code, patches, and tests for vulnerabilities affecting Nexus phones and tablets, according to the company. Other Google devices are not eligible for Android Security Rewards.
Larger rewards are given to security researchers that invest in tests and patches that work around Android’s platform security features like ASLR, NX, and sandboxing. Google’s base rewards are $2,000 for critical, $1,000 for high, and $500 for moderate security vulnerabilities.
Up to 1.5x the base amount will be rewarded if the bug report includes standalone reproduction code or a standalone test case, and up to double will be rewarded if the bug report includes a patch that fixes the issue or a CTS test that detects it. If both are provided, there’s a potential 4x reward modifier.
There are also extra rewards for functional exploits:
- An exploit or chain of exploits leading to a kernel compromise from an installed app or with physical access to the device will get up to an additional $10,000. Going through a remote or proximal attack vector can get up to an additional $20,000.
- An exploit or chain or exploits leading to TEE (TrustZone) or Verified Boot compromise from an installed app or with physical access to an additional $20,000. Going through a remote or proximal attack vector can get up to an additional $30,0000.
In the end, the final amount is up to the Android security team. Of course, the above bugs can’t already be covered by Google’s other reward programs.
Android will continue to participate in Google’s Patch Rewards Program, which pays for contributions that improve the security of various open source projects.
“As we have often said, open security research is a key strength of the Android platform. The more security research there is focused on Android – the stronger it will become.”
If you’re not interested in money and you discover a bug, the company will offer to donate double your reward to an established charity. After 12 months, unclaimed rewards will be donated to a charity of Google’s choosing.
Consumer groups back out of face recognition talks
Nine civil liberties and consumer advocate groups are withdrawing from talks with trade associations on how to write guidelines for the fair commercial use of facial recognition technology for consumers.
In the last 16 months, the two sides met periodically under the auspices of the National Telecommunications & Information Administration (NTIA), a division of the Commerce Department.
“The process is the strongest when all interested parties participate and are willing to engage on all issues. [The agency] will continue to facilitate meetings on this topic for those stakeholders who want to participate.”
-Juliana Gruenwald, NTIA spokeswoman
With or without the consumer advocates, the participants intend to continue trying to develop a workable facial recognition privacy, according to NetChoice policy counsel Carl Szabo.
“We think we can reach consensus on transparency, notice, data security and giving users meaningful control over the sharing of their facial recognition information with anyone who otherwise would not have access.”
-Carl Szabo, policy counsel for e-commerce trade association NetChoice
“I would say that no one’s privacy is better off as a result.”
-Alvaro Bedoya, Center on Privacy & Technology at Georgetown University’s Law Center executive director
Consumer advocates were troubled by the possibility that the federally convened face recognition discussions could end up endorsing an industry code of conduct that undermined those state laws, according to Bedoya.
“The message sent is clear. If you are a consumer, and you want better privacy laws, you should call your state legislator and head to your state capitol. Just don’t come to Washington, D.C.”
Adobe announces 2015 Creative Cloud updates, new Stock service
All of Adobe’s Creative Cloud desktop apps, including Photoshop, Illustrator, InDesign, Dreamweaver, Lightroom, Premiere Pro, and After Effects, will receive updates in the company’s 2015 Creative Cloud update.
The updates bring new features and performance enhancements with “Adobe Magic” to all of the company’s Creative Cloud apps, notably including Linked Assets that will allow assets within Creative Cloud Libraries to be updated whenever a change is made, ensuring the update is available to all team members in Photoshop, Illustrator, and InDesign.
Photoshop CC is getting Artboards, letting artists create multiple design surfaces within a single document for a bird’s eye view of all designs at once. There’s also a new preview feature called Photoshop Design Space, which lets users create design-focused desktop tool layouts that ignore unnecessary tools. The exporting experience has been improved, and the Spot Healing Brush and Patch tools are now 120 times faster than in Photoshop CS6 because of Mercury Graphics Engine enhancements.
Both Photoshop and Lightroom CC are getting new haze removal features that will allow haze to be added or removed to a photograph with a click, and Photoshop now has the ability to add noise to Blur Gallery effects.
Illustrator CC has been updated with significant performance improvements, making it 10 times faster than CS6. Zoom magnification is also 10x higher, reaching up to 64,000% instead of 6,400%, and there’s a new Chart interface that makes creating custom charts and graphics easier.
Premiere Pro CC, Adobe’s video editing software, has gained a new Lumetri Color panel that simplifies color workflows with better color correction tools and intuitive sliders, and the app has access to Creative Cloud Libraries. Morph Cut improves jump cuts between sound bites in interviews for a “more polished” experience, according to Adobe, and support of the company’s Premiere Clip mobile app has been improved. Premiere Clip projects will now open directly in Premiere Pro for easier editing between mobile and desktop.
After Effects CC now has a face tracking feature that allows users to create a tracking mask to apply effects like color correction or blurring only to a face without needing frame-by-frame adjustments. Like Premiere Pro CC, After Effects includes Creative Cloud Libraries for in-app access to assets, and there’s a new Simplified Preview to help new users get used to the motion graphics and visual effects available.
After Effects’ biggest addition is the Adobe Character Animator, which lets 2D characters be animated through a webcam that tracks real-time facial movements. This can be used to create realistic motion effects and record dialog.
Minor updates also have come to InDesign CC, Dreamweaver CC, Muse CC, Flash Pro CC, as well as the rest of Creative Cloud’s apps.
The company is also introducing the Adobe Stock service, which is integrated into all of Adobe’s Creative Cloud apps to provide access to stock images. Stock can be used for $9.99 per images, but two monthly plans are available:
- $49.99/month: 10 images
- $199.99/month: 750 images
Adobe Stock is available to all customers, but CC subscribers can get the 10 image monthly plan for $29.99/month.
The updates are accompanied by the launch of iOS app Adobe Hue, which captures color palettes from photographs to create looks that can be uploaded to your Creative Cloud Library.
These updates are available now.