Critics Say New Evidence Linking North Korea to the Sony Hack Is Still Flimsy


Cars pass by the entrance to Sony Pictures Entertainment Inc. studios in Culver City, Calif.

Cars pass by the entrance to Sony Pictures Entertainment Inc. studios in Culver City, Calif. Patrick T. Fallon/Bloomberg/Getty Images



If the FBI’s revelations on Wednesday about the sloppiness of North Korea’s hackers was meant to silence critics who doubt the government’s attribution for what happened to Sony, it failed.


Despite assertions from FBI Director James Comey that he has very high confidence in the attribution to North Korea and a statement by Director of National Intelligence James Clapper that North Korean General Kim Youn Choi was directly responsible for ordering the attack, security experts still doubt the veracity of the claims based on the evidence provided so far.


This includes a new detail from Comey that the attackers failed to use proxy servers through which to route some of their activity and mask their real IP addresses. As a result, Comey said, they unintentionally revealed that they were using addresses known to be “exclusively” used by North Korea. The new claim builds upon previous evidence cited by the FBI that components used in the Sony hack are similar or identical to components used in the so-called DarkSeoul attacks that struck South Korea last year and another claim that an IP address “associated with known North Korean infrastructure” contacted one of the command-and-control servers used in the Sony hack.


Critics have already responded to the previous evidence, so let’s examine the new information, with the understanding that this is not all the evidence the FBI possesses. Indeed, there may be signals intelligence obtained by the NSA or other intelligence agencies that provides better proof than what has been disclosed so far. Though, even accounting for this possibility, officials still haven’t explained why, if the attack was perpetrated by North Korea over the film The Interview, the initial communication between the hackers and Sony employees didn’t discuss the movie, but instead demanded money in an apparent extortion attempt over unspecified demands.


Claim: Hackers Failed to Mask Their IP Addresses


Comey, speaking on Wednesday at a cybersecurity conference at Fordham University, said the attackers had been careful to mask their real IP addresses by using proxy servers for most of their activity. But they apparently got sloppy and sent some emails to Sony executives and published some posts online without using a proxy. The references to posts is unclear, but according to a Wired reporter at the event, he said the word “paste” before correcting himself, suggesting this might refer to Pastebin posts the hackers made after the hack was exposed, when they were leaking Sony data to the public.


“In nearly every case,” Comey said, “[the Sony hackers] used proxy servers to disguise where they were coming from in sending these emails and posting these statements. But several times they got sloppy,” Comey said. “Several times, either because they forgot or because of a technical problem, they connected directly and we could see that the IPs they were using…were exclusively used by the North Koreans.” He added that, “[t]hey shut it off very quickly once they saw the mistake. But not before we saw where it was coming from.”


Comey wouldn’t take any questions from reporters at the event, but anonymous government officials did elaborate a bit in private to the New York Times. A story published Wednesday night quoted officials who said the Sony attackers, who go by the name Guardians of Peace, mistakenly logged into their Guardians of Peace Facebook account as well as Sony’s servers using IP addresses used by North Korea.


It was clear, the officials told the Times, that the hackers quickly realized their error because in several cases, after mistakenly logging in to these systems using the North Korea IP addresses, they “quickly backtracked and rerouted their attacks and messages through decoy computers abroad.”


It’s unclear if the Facebook posts are the same posts that Comey was referring to, or if Comey’s remarks, combined with the remarks of the anonymous officials, means that in at least four different cases the attackers exposed their real IP addresses: in sending emails to Sony executives, in logging into the Sony servers, in posting messages to Pastebin and in accessing the Facebook account.


“These guys literally burnt Sony down to hide their tracks and they staged everything pretty methodically.”


Neither Comey nor the Times sources mentioned when these incidents occurred, but the Times notes that “[b]efore the attacks in November, Sony Pictures was threatened in a series of messages posted to a Facebook account set up by a group calling itself ‘Guardians of Peace.’ After Facebook closed that account in November, the group changed its messaging platform and began sending threats in emails to Sony and on the anonymous posting site Pastebin.”


The timing of the mistakes could be important because within days after the hack was first exposed, stories about North Korea’s possible role in it were already being published, which would raise the possibility that if the hackers knew investigators were looking for North Korean links, they may have decided to provide them by using North Korean IP addresses. But that’s assuming the IP addresses the FBI cites are indeed North Korea IP addresses.


This is the main issue that critics have with all of the information the FBI has so far provided about the IP addresses: without knowing the exact IP addresses and what’s on the other end of them (a mail server, a web server, a laptop) or why officials concluded the addresses are used exclusively by North Korea, the public has little to go on to trust the government’s assessment.


But two of the most vocal FBI critics, Marc Rogers and Robert Graham, are united in their criticism of this evidence, pointing out the fallibility of IP addresses as proof of origin and the fallibility of asserting that the addresses are used exclusively by North Korea. Rogers also questions the revelation that the hackers made such a newbie mistake as forgetting to use a proxy to hide their IP address.


“It is plausible that a hacker could make a mistake and not use a proxy,” says Rogers, principal security researcher for the security firm CloudFlare and head of security for the Def Con hacker conference. “These guys literally burnt Sony down to hide their tracks and they staged everything pretty methodically. It would surprise me that somebody like that would make such a huge mistake to forget to use a proxy.”


However, Jeffrey Carr, a security consultant and CEO of Taia Global, notes that the alleged slip-up, and Comey’s language describing it, are remarkably similar to what occurred in the destructive DarkSeoul attacks that struck media and bank networks in South Korea last year. According to a South Korean publication, “A technical blunder by a hacker appears to have reinforced what South Korea has long suspected: North Korea has been behind several hacking attacks on South Korea in recent years…The hacker exposed the IP address (175.45.178.xx) for up to several minutes due to technical problems in a communication network, giving South Korea a rare clue into tracing the origin of the hacking attack that took place on March 20, according to South Korean officials.”


It’s not known if this is the same IP address used in the Sony hack. But the attribution of the DarkSeoul hack to North Korea has partly fueled the attribution of the Sony hack to North Korea, as well. Because officials say the attackers in both cases used some of the same tools to conduct their attack and the DarkSeoul hack was done by North Korea, then the Sony hack was done by North Korea as well. But it should be noted that some have disputed the DarkSeoul attribution, including Carr.


In any case, critics of the FBI say it’s possible that the North Korean IP addresses the FBI is identifying in the Sony hack were themselves proxies—that is, systems the attackers hijacked to conduct their activity.


Statements by Comey and anonymous government officials that the hackers “shut it off very quickly once they saw the mistake” and went back to using known proxies, imply that the hackers had unintentionally used the IP addresses and quickly cut their connection to the Sony server. But if it was a case that the hackers had simply hijacked a North Korean system to conduct their activity, their sudden abandonment of that IP address could mean simply that they decided to stop using that proxy for some technical reason, that the hijacked system was taken offline for some reason, or they got kicked out of the system by its owner.


“It would surprise me that somebody like that would make such a huge mistake to forget to use a proxy.”


“That can mean so many different things,” says Robert Graham, CEO of Errata Security. “It sounds like that’s the interpretation [the FBI] put on things, but not necessarily what happened.”


Interpreting forensic data is fraught with problems, primarily because the same data can be viewed differently by different security researchers. Graham points to analysis of the Witty worm attack as a prime example. That malicious worm, unleashed a decade ago, was designed to destroy random data on machines it infected. Smart experts who examined the worm and infection data found patient zero—the system from which the infection began—and concluded that from there the worm had struck a hit-list of 50 initial computers at the Fort Huachuca Army base in Arizona before spreading to other systems. This led to speculation that the worm was either an inside job by someone at the base or was an external attack that targeted the base. But Graham came to a different conclusion: that the machines, which were all on the same Army network but not, it turns out, at the same base, were infected at different points and by different machines. The infection of 50 systems on the same network, and the erroneous belief that they were in the same location, only made it appear that they had all been hit by patient zero as part of a targeted attack.


“I came up with a different explanation and mine was right and theirs was wrong,” Graham says. “But if you read their document, you would say their interpretation is the only possible correct one. Until you read my explanation, and you realize why the first one is wrong. And that’s the way all data is when you look at these things.”


Claim: The IP Addresses Were Used Exclusively By North Korea


In the same way critics are skeptical that the exposed IP addresses were the real source of the attack, they also scoff at the FBI’s assertion that the IP addresses were used exclusively by North Korea.


It’s difficult to know what to make of the FBI’s claim without knowing the specific IP addresses in question. The FBI described them as ones used by North Korea, but didn’t say they were inside North Korea, which can mean a number of things. Either they’re IP addresses registered by North Korea’s only ISP—Star Joint Venture—or they’re IP addresses assigned to North Korea by another ISP it uses in China. Or it could refer to satellite IP addresses that North Korea uses, which would render the IP addresses to multiple locations. Or it could refer to entirely different IP addresses in other countries, such as China, Japan or other places where North Korea is said to have hackers. But regardless of where the addresses are located, it’s the assertion by authorities that they are used exclusively by North Korea that has critics most skeptical.


Even if the government can show that North Koreans have exclusively used these IP addresses in the past, the system used by that address could have since been compromised by the Sony hackers.


Carr points out the issues with this kind of attribution in relation to the DarkSeoul hack. He notes in a blog post that the IP address identified in the DarkSeoul case, which served as the key evidence in linking that attack to North Korea, is registered to Star Joint Venture—which is a joint venture between the North Korean government and Loxley Pacific Company in Thailand. As such, he notes, a hacker might gain access to North Korea systems and infrastructure by compromising Loxley. “It would be a simple matter to gain access to Loxley’s or Loxpac’s network via an insider or through a spear phishing attack,” he writes, “and then browse through NK’s intranet with trusted Loxpac credentials.”


We should note, however, that South Korea didn’t only use the North Korea IP address to attribute the DarkSeoul attack to North Korea. But the IP address attribution in the DarkSeoul case still carries the same quandary that the Sony hack carries: how do investigators know that an IP address is used only by North Korea?


Eliminating the possibility that others may have hijacked the servers or systems at these addresses for their own use would require more than simple traffic analysis pinning an intrusion to an IP address.


“If this IP address is exclusively used by the North Koreans, then the only source that information could come from is signals intelligence,” says Rogers. “That’s the only way they could be monitoring someone else’s IP address.”


If this is the trump card the government has, it’s not sharing.


Asked if it doesn’t give him pause that Comey and the intelligence community are so confident in their findings, Graham says no, because “if you’re really looking for something, you can always tie things back to the way you want them to be seen. It’s all a matter of perspective.”


Similarly he’s suspicious of claims that a North Korean general directed the attack on Sony. Does it mean North Korea conducted the hack? Or does it mean a North Korean agent was on a forum where one of the Sony hackers also spent time and the two struck a deal? Or does it mean something else entirely?


“They certainly know things beyond what they’re telling us,” he says, “but at the same time, they’re not telling us things that are critical [to know].”


There are some, however, who believe that nothing will satisfy the skeptics.


Richard Bejtlich, chief security strategist for FireEye, the company hired by Sony to help investigate and clean up after the attack, told the Daily Beast: “I don’t expect anything the FBI says will persuade Sony truthers. The issue has more to do with truthers’ lack of trust in government, law enforcement, and the intelligence community. Whatever the FBI says, the truthers will create alternative hypotheses that try to challenge the ‘official story.’ Resistance to authority is embedded in the culture of much of the ‘hacker community,’ and reaction to the government’s stance on Sony attribution is just the latest example.”



The Interface of Things: A Universal Remote for Your Life


Ford's Sync.

Ford’s Sync. Ford



When was the last time you tried to use the speech recognition feature on your phone or in your car? Maybe it was to ask your GPS program for directions, to place a call without taking your eyes off of the road or to check on traffic ahead.


Did it work? If your experience is like mine, you probably had marginal success. For example: my GPS system only hears me correctly about 50 percent of the time and struggles with street or town names. Admittedly, my Boston accent, coupled with the noisy environment of my car, doesn’t make things easier. Having been forced to pull over on several occasions to manually input my destination, I now make it a point to enter the location into my GPS before I hit the road.


According to a recent study by AAA on the potential safety risks of hands-free systems for vehicles, a detour in your morning commute could be the least of your concerns. The report found that voice-command systems can cause distracted driving, even if a driver’s eyes are on the road and both hands are on the wheel. This recent phenomenon, called “inattention blindness,” is as dangerous as manual texting while driving.


Common barriers like these have marginalized the value of voice recognition technology in smart devices, relegating its primary purpose to entertainment and infotainment status. Look no further than the Google Now commercial where a child asks if dogs can dream, or the new Amazon Echo interactive speaker, which serves as a nifty way to dictate notes or ask about the weather (and more importantly, to add things to your Amazon shopping list.) When it comes to the important things, most people opt for solutions that are sure to work every time.


Consumer research backs this up, too: according to a recent study by Affinnova, 41 percent of Americans feel strongly that the smart products they’ve seen or heard about are gimmicky. More than half say they won’t upgrade to a smart product until the maker can prove it has value beyond novelty.


For smart devices to take off, we need to focus on the interface. This means speech recognition that works regardless of background noise, accents or barking dogs and natural language understanding capabilities that understand not just what’s being said or typed, but the intent behind it. Because whether via speech, text or touch, the interface is the critical link that can turn a novelty into a must-have.


Here’s four key reasons to master the “Interface of Things”:



  1. Interacting with the Internet of Things: The Internet of Things (IoT) holds the promise to transform the way we live by creating vehicles, appliances, devices and services that communicate naturally and share information to anticipate needs and next steps. But what good is the Internet of Things if we can’t interface with it? Whether powered by speech, touch or text, the true power of the much-hyped IoT will never be realized unless we can interact with it as naturally as one another.

  2. Simplifying the Connected Life: As we transition from living in a connected world to living a connected lifestyle, the need to interface with ease will be of paramount importance. Remember when the universal remote replaced the individual remotes needed for the TV, cable box, and VCR? What if you could get rid of the remote control entirely and just tell your TV to find your show? The Interface of Things – powered by our voice – will be the universal remote for the hundreds, if not thousands, of connected devices we’ll encounter every day.

  3. Being There When it Really Matters: A mix-up in speech recognition today can lead to frustration or embarrassment; have you ever inadvertently called your boss when you were trying to reach your best friend? But when it comes to mission critical tasks like getting help when you’re stranded on the side of the road, or turning off your home alarm so your son can get in after school, you need the interface to work. And when it works, consumers will begin to adopt smart devices as tools that improve their way of life.

  4. Realizing the Promise of Star Trek Tech: It’s hard to talk about the future without looking back at what science fiction has offered over the last 50 years. From a medical tricorder to 3-D printing, many of the impossible innovations from Star Trek are now becoming a reality. Speech recognition technology is no different, and the Interface of Things will allow anyone to step into their home, office or automobile and make a request with the confidence of a Star Fleet captain.


Although still somewhat marginalized as a toy for entertainment, developers, enterprises and other visionaries are clamoring for speech recognition technology that is reliable enough to power devices and applications that operate in “can’t fail” situations.


Solutions that will lead the way will incorporate multiple recognition methods so that when difficulties in understanding are encountered, the device has a backup to ensure accuracy of intent. They will also be multimodal, incorporating not only verbal inputs, but gestures and text input as well. And finally, solutions need to be personalized and maintain context to remove frustration and eliminate unnecessary, distracting steps. The good news is this level of reliability – the Interface of Things – is not as far off in the future as many people may think.


What’s holding speech recognition back? Is it the technology, the lack of providers, or something else? How would you use the Interface of Things if it was available today?


Mike Iacobucci is President and CEO of Interactions Corporation.



Yahoo’s Share of US Search Traffic Rises After Its Firefox Deal


The Yahoo headquarters in Sunnyvale, California.

The Yahoo headquarters in Sunnyvale, California. Kristoffer Tripplaar/AP





Things are looking up for Yahoo. At least a bit.

The venerable internet company has made some significant gains in the US internet search market, while Google has experienced its biggest drop in market share since 2009, according to analytics firm StatCounter. The changes come after a deal made back in November, when Mozilla’s Firefox browser switched its default search engine from Google to Yahoo.


According to StatCounter, Google now has its smallest share of the US search market since at least 2008. Its share fell to 75.2 percent in December from 77.5 percent the previous month. Yahoo’s share, meanwhile, leapt from 7.4 percent to 10.4 percent, and its mobile search traffic saw similar growth, from 8 percent to 10 percent.


The gain is natural considering the widespread use of Firefox. In December, according to StatCounter, Firefox accounted for about 14 percent of US browsers.


Yahoo’s standing in the industry has been shaky as of late. With ever-increasing competition from behemoths like Google and Facebook, an evolving online landscape, and a digital advertising business on the decline, the company is facing some big challenges. But it’s not all bad news.



A Clever Plan to Teach Schoolkids New Languages With a Free App


duolingo-chalkboard

Getty Images



In developing countries like Ethiopia, Malaysia, and Mozambique, the market for English language learning is red hot. These are places where, often, English proficiency is seen as a stepping stone to a better job and a one-way ticket out of poverty. But one major kink in that plan is the fact that in many cases, the English teachers within these countries don’t speak English either. And so, the cycle continues.

But Luis von Ahn believes his app could play a key role in breaking that cycle. Von Ahn is the co-founder of Duolingo, a free language learning app that launched two and a half years ago and has since amassed a whopping 60 million users worldwide.


As big as Duolingo—and indeed, the entire online learning market—has become outside the classroom, von Ahn knows that language education still has a crucial place in schools. That’s why, on Thursday, the Pittsburgh-based startup is launching a new platform called Duolingo for Schools, which will help teachers track student activity on the app and tailor their lectures in the classroom, accordingly.


“It’s hard to know how many, but we think right now we have a few thousand teachers using Duolingo without this feature,” von Ahn says. “I think this will multiply that by a factor of ten, easily.”


Duolingo’s success is part of a groundswell of activity in the online learning space. In recent years, thanks to the explosive growth of platforms like Coursera and edX, the idea that you can get a quality education for free online has gone mainstream.


The New Model


That’s one reason why, in the early days, von Ahn and his co-founders Brendan Meeder and Severin Hacker intentionally designed Duolingo not for large school systems, but for a mass audience of international language learners. They objected to the fact that most mainstream products for learning a new language, like Rosetta Stone, are still prohibitively expensive, despite the huge and growing demand for English language education in poverty-stricken places.


Duolingo co-founders Severin Hacker and Luis von Ahn.

Duolingo co-founders Severin Hacker and Luis von Ahn. Duolingo



“It’s like the main reason you want to learn English is to get out of poverty,” says von Ahn, who hails from Guatemala, “but you need $500 to do it.”


So, the co-founders developed a novel business model to pay for the free service. When students finish a lesson in Duolingo, they can test their newfound knowledge by translating a piece of text in a news article. Companies like CNN and Buzzfeed pay Duolingo for these crowdsourced translations, and now, according to von Ahn, Duolingo’s millions of students churn out several hundred articles a day.


Whether or not Duolingo’s founders designed the products for schools, teachers slowly but surely began incorporating it into the classroom anyway, albeit with some clunky workarounds. “They do these weird things where they have all the students use Duolingo, and at the end, the teacher goes around writing what the students did,” von Ahn says. “It’s pretty cumbersome.”


Now, teachers will be able to create an account that tracks all of their students to see who’s struggling with or excelling at which skills. What’s more, the system learns from student performance to help teachers understand the best ways to teach a given subject.


“If we want to figure out if we should teach plurals before adjectives, we run a test,” von Ahn explains. “It could take you years to figure that out, otherwise. This year you’d have to teach it one way, and next year you teach it another way, and maybe after ten years you figure out plurals are better than adjectives first. Yes, teachers have been doing it way longer, but we can iterate way faster.”


The Teacher Caveat


Despite these advantages, some academics caution that an app like Duolingo can never replace the teacher—or the textbook—particularly at the university level. “You can review vocabulary and practice verb forms, but it’s not giving you any cultural context,” says Elise Mueller, an academic technology consultant, specializing in language teaching and technology at Duke University.


“It’s great that it’s free and available to people, and it does support language learning, but the main pushback is: it can’t be the primary way you’re learning a language.”


Still, Mueller concedes that for younger learners, Duolingo may become a worthwhile addition to the classroom. “It’s great, because it’s addictive,” she says. “Instead of having to do your homework and learn vocabulary the hard way, you’re pulled into it.”



Uber’s New Moving Service in Hong Kong Is No Mere Stunt


ubercargo

Uber



Uber has proven many times over that it’s good for more than just ride-hailing. In the past, the app has acted as a Christmas tree delivery service, an ice cream truck-hailing app, an on-demand kitten-cuddling business, and, when San Francisco legalized gay marriage last summer, a full-fledged wedding planner. These were all marketing stunts, sure. But they proved how nimble (sometimes bizarrely so) Uber’s business model is.


Now, the company is using these skills for a more practical purpose.


With the flip of a switch, Uber can mutate into whatever type of transportation system it chooses.


On Wednesday, Uber announced the launch of UberCargo, a moving service currently being tested in Hong Kong. Similar to UberMovers, a service Uber offered college students last August to help them move out of their dorm rooms, UberCargo lets people hail a van, load it with their stuff, and cart it across town. They’re not even required to ride along with it.


The news in and of itself isn’t groundbreaking, except that it provides one compelling example of Uber’s ambitions to be a full-fledged logistics company. Uber’s $40 billion valuation makes it more valuable than the entire U.S. taxi and limousine industry. That’s largely due to the fact that, with the flip of a switch, Uber can mutate into whatever type of transportation system it chooses. Its vast network of drivers and the technology that supports them are extremely flexible, and projects like UberCargo prove as much.


While Uber mostly showcases that fact with hair-brained antics, this isn’t the first time Uber has tested a viable business model outside of ride-hailing. UberFRESH, which is currently operating only in Los Angeles, competes with services like SeamlessWeb and Delivery.com in the food delivery space. UberRUSH, operating only in New York City, is a courier service for shuttling small deliveries around town. And this summer, Uber even took on tech giants like Amazon and Google with the launch of Uber Corner Store, a service that promises delivery of staple items from local stores in 10 minutes or less.


In a blog post on UberCargo, Uber called the project an “Uber Everything experiment focused on making every day city living easier so you have more time to do what matter most.” Each of these small scale tests—yes, even the wacky ones—gives Uber a better idea of whether consumers actually want to use Uber for all of their needs. As Uber continues to expand, even in the face of so much regulatory backlash, it seems all signs point to yes.



Critics Say New Evidence Linking North Korea to the Sony Hack Is Still Flimsy


Cars pass by the entrance to Sony Pictures Entertainment Inc. studios in Culver City, Calif.

Cars pass by the entrance to Sony Pictures Entertainment Inc. studios in Culver City, Calif. Patrick T. Fallon/Bloomberg/Getty Images



If the FBI’s revelations on Wednesday about the sloppiness of North Korea’s hackers was meant to silence critics who doubt the government’s attribution for what happened to Sony, it failed.


Despite assertions from FBI Director James Comey that he has very high confidence in the attribution to North Korea and a statement by Director of National Intelligence James Clapper that North Korean General Kim Youn Choi was directly responsible for ordering the attack, security experts still doubt the veracity of the claims based on the evidence provided so far.


This includes a new detail from Comey that the attackers failed to use proxy servers through which to route some of their activity and mask their real IP addresses. As a result, Comey said, they unintentionally revealed that they were using addresses known to be “exclusively” used by North Korea. The new claim builds upon previous evidence cited by the FBI that components used in the Sony hack are similar or identical to components used in the so-called DarkSeoul attacks that struck South Korea last year and another claim that an IP address “associated with known North Korean infrastructure” contacted one of the command-and-control servers used in the Sony hack.


Critics have already responded to the previous evidence, so let’s examine the new information, with the understanding that this is not all the evidence the FBI possesses. Indeed, there may be signals intelligence obtained by the NSA or other intelligence agencies that provides better proof than what has been disclosed so far. Though, even accounting for this possibility, officials still haven’t explained why, if the attack was perpetrated by North Korea over the film The Interview, the initial communication between the hackers and Sony employees didn’t discuss the movie, but instead demanded money in an apparent extortion attempt over unspecified demands.


Claim: Hackers Failed to Mask Their IP Addresses


Comey, speaking on Wednesday at a cybersecurity conference at Fordham University, said the attackers had been careful to mask their real IP addresses by using proxy servers for most of their activity. But they apparently got sloppy and sent some emails to Sony executives and published some posts online without using a proxy. The references to posts is unclear, but according to a Wired reporter at the event, he said the word “paste” before correcting himself, suggesting this might refer to Pastebin posts the hackers made after the hack was exposed, when they were leaking Sony data to the public.


“In nearly every case,” Comey said, “[the Sony hackers] used proxy servers to disguise where they were coming from in sending these emails and posting these statements. But several times they got sloppy,” Comey said. “Several times, either because they forgot or because of a technical problem, they connected directly and we could see that the IPs they were using…were exclusively used by the North Koreans.” He added that, “[t]hey shut it off very quickly once they saw the mistake. But not before we saw where it was coming from.”


Comey wouldn’t take any questions from reporters at the event, but anonymous government officials did elaborate a bit in private to the New York Times. A story published Wednesday night quoted officials who said the Sony attackers, who go by the name Guardians of Peace, mistakenly logged into their Guardians of Peace Facebook account as well as Sony’s servers using IP addresses used by North Korea.


It was clear, the officials told the Times, that the hackers quickly realized their error because in several cases, after mistakenly logging in to these systems using the North Korea IP addresses, they “quickly backtracked and rerouted their attacks and messages through decoy computers abroad.”


It’s unclear if the Facebook posts are the same posts that Comey was referring to, or if Comey’s remarks, combined with the remarks of the anonymous officials, means that in at least four different cases the attackers exposed their real IP addresses: in sending emails to Sony executives, in logging into the Sony servers, in posting messages to Pastebin and in accessing the Facebook account.


“These guys literally burnt Sony down to hide their tracks and they staged everything pretty methodically.”


Neither Comey nor the Times sources mentioned when these incidents occurred, but the Times notes that “[b]efore the attacks in November, Sony Pictures was threatened in a series of messages posted to a Facebook account set up by a group calling itself ‘Guardians of Peace.’ After Facebook closed that account in November, the group changed its messaging platform and began sending threats in emails to Sony and on the anonymous posting site Pastebin.”


The timing of the mistakes could be important because within days after the hack was first exposed, stories about North Korea’s possible role in it were already being published, which would raise the possibility that if the hackers knew investigators were looking for North Korean links, they may have decided to provide them by using North Korean IP addresses. But that’s assuming the IP addresses the FBI cites are indeed North Korea IP addresses.


This is the main issue that critics have with all of the information the FBI has so far provided about the IP addresses: without knowing the exact IP addresses and what’s on the other end of them (a mail server, a web server, a laptop) or why officials concluded the addresses are used exclusively by North Korea, the public has little to go on to trust the government’s assessment.


But two of the most vocal FBI critics, Marc Rogers and Robert Graham, are united in their criticism of this evidence, pointing out the fallibility of IP addresses as proof of origin and the fallibility of asserting that the addresses are used exclusively by North Korea. Rogers also questions the revelation that the hackers made such a newbie mistake as forgetting to use a proxy to hide their IP address.


“It is plausible that a hacker could make a mistake and not use a proxy,” says Rogers, principal security researcher for the security firm CloudFlare and head of security for the Def Con hacker conference. “These guys literally burnt Sony down to hide their tracks and they staged everything pretty methodically. It would surprise me that somebody like that would make such a huge mistake to forget to use a proxy.”


However, Jeffrey Carr, a security consultant and CEO of Taia Global, notes that the alleged slip-up, and Comey’s language describing it, are remarkably similar to what occurred in the destructive DarkSeoul attacks that struck media and bank networks in South Korea last year. According to a South Korean publication, “A technical blunder by a hacker appears to have reinforced what South Korea has long suspected: North Korea has been behind several hacking attacks on South Korea in recent years…The hacker exposed the IP address (175.45.178.xx) for up to several minutes due to technical problems in a communication network, giving South Korea a rare clue into tracing the origin of the hacking attack that took place on March 20, according to South Korean officials.”


It’s not known if this is the same IP address used in the Sony hack. But the attribution of the DarkSeoul hack to North Korea has partly fueled the attribution of the Sony hack to North Korea, as well. Because officials say the attackers in both cases used some of the same tools to conduct their attack and the DarkSeoul hack was done by North Korea, then the Sony hack was done by North Korea as well. But it should be noted that some have disputed the DarkSeoul attribution, including Carr.


In any case, critics of the FBI say it’s possible that the North Korean IP addresses the FBI is identifying in the Sony hack were themselves proxies—that is, systems the attackers hijacked to conduct their activity.


Statements by Comey and anonymous government officials that the hackers “shut it off very quickly once they saw the mistake” and went back to using known proxies, imply that the hackers had unintentionally used the IP addresses and quickly cut their connection to the Sony server. But if it was a case that the hackers had simply hijacked a North Korean system to conduct their activity, their sudden abandonment of that IP address could mean simply that they decided to stop using that proxy for some technical reason, that the hijacked system was taken offline for some reason, or they got kicked out of the system by its owner.


“It would surprise me that somebody like that would make such a huge mistake to forget to use a proxy.”


“That can mean so many different things,” says Robert Graham, CEO of Errata Security. “It sounds like that’s the interpretation [the FBI] put on things, but not necessarily what happened.”


Interpreting forensic data is fraught with problems, primarily because the same data can be viewed differently by different security researchers. Graham points to analysis of the Witty worm attack as a prime example. That malicious worm, unleashed a decade ago, was designed to destroy random data on machines it infected. Smart experts who examined the worm and infection data found patient zero—the system from which the infection began—and concluded that from there the worm had struck a hit-list of 50 initial computers at the Fort Huachuca Army base in Arizona before spreading to other systems. This led to speculation that the worm was either an inside job by someone at the base or was an external attack that targeted the base. But Graham came to a different conclusion: that the machines, which were all on the same Army network but not, it turns out, at the same base, were infected at different points and by different machines. The infection of 50 systems on the same network, and the erroneous belief that they were in the same location, only made it appear that they had all been hit by patient zero as part of a targeted attack.


“I came up with a different explanation and mine was right and theirs was wrong,” Graham says. “But if you read their document, you would say their interpretation is the only possible correct one. Until you read my explanation, and you realize why the first one is wrong. And that’s the way all data is when you look at these things.”


Claim: The IP Addresses Were Used Exclusively By North Korea


In the same way critics are skeptical that the exposed IP addresses were the real source of the attack, they also scoff at the FBI’s assertion that the IP addresses were used exclusively by North Korea.


It’s difficult to know what to make of the FBI’s claim without knowing the specific IP addresses in question. The FBI described them as ones used by North Korea, but didn’t say they were inside North Korea, which can mean a number of things. Either they’re IP addresses registered by North Korea’s only ISP—Star Joint Venture—or they’re IP addresses assigned to North Korea by another ISP it uses in China. Or it could refer to satellite IP addresses that North Korea uses, which would render the IP addresses to multiple locations. Or it could refer to entirely different IP addresses in other countries, such as China, Japan or other places where North Korea is said to have hackers. But regardless of where the addresses are located, it’s the assertion by authorities that they are used exclusively by North Korea that has critics most skeptical.


Even if the government can show that North Koreans have exclusively used these IP addresses in the past, the system used by that address could have since been compromised by the Sony hackers.


Carr points out the issues with this kind of attribution in relation to the DarkSeoul hack. He notes served as the key evidence in linking that attack to North Korea, is registered to Star Joint Venture—which is a joint venture between the North Korean government and Loxley Pacific Company in Thailand. As such, he notes, a hacker might gain access to North Korea systems and infrastructure by compromising Loxley. “It would be a simple matter to gain access to Loxley’s or Loxpac’s network via an insider or through a spear phishing attack,” he writes, “and then browse through NK’s intranet with trusted Loxpac credentials.”


We should note, however, that South Korea didn’t only use the North Korea IP address to attribute the DarkSeoul attack to North Korea. But the IP address attribution in the DarkSeoul case still carries the same quandary that the Sony hack carries: how do investigators know that an IP address is used only by North Korea?


Eliminating the possibility that others may have hijacked the servers or systems at these addresses for their own use would require more than simple traffic analysis pinning an intrusion to an IP address.


“If this IP address is exclusively used by the North Koreans, then the only source that information could come from is signals intelligence,” says Rogers. “That’s the only way they could be monitoring someone else’s IP address.”


If this is the trump card the government has, it’s not sharing.


Asked if it doesn’t give him pause that Comey and the intelligence community are so confident in their findings, Graham says no, because “if you’re really looking for something, you can always tie things back to the way you want them to be seen. It’s all a matter of perspective.”


Similarly he’s suspicious of claims that a North Korean General directed the attack on Sony. Does it mean North Korea conducted the hack? Or does it mean a North Korean agent was on a forum where one of the Sony hackers also spent time and the two struck a deal? Or does it mean something else entirely?


“They certainly know things beyond what they’re telling us,” he says, “but at the same time, they’re not telling us things that are critical [to know].”


There are some, however, who believe that nothing will satisfy the skeptics.


Richard Bejtlich, chief security strategist for FireEye, the company hired by Sony to help investigate and clean up after the attack, told the Daily Beast: “I don’t expect anything the FBI says will persuade Sony truthers. The issue has more to do with truthers’ lack of trust in government, law enforcement, and the intelligence community. Whatever the FBI says, the truthers will create alternative hypotheses that try to challenge the ‘official story.’ Resistance to authority is embedded in the culture of much of the ‘hacker community,’ and reaction to the government’s stance on Sony attribution is just the latest example.”



Could gut microbes help treat brain disorders? Mounting research tightens their connection with the brain

The trillions of microbes that inhabit the human body, collectively called the microbiome, are estimated to weigh two to six pounds -- up to twice the weight of the average human brain. Most of them live in the gut and intestines, where they help us to digest food, synthesize vitamins and ward off infection. But recent research on the microbiome has shown that its influence extends far beyond the gut, all the way to the brain.



Over the past 10 years, studies have linked the gut microbiome to a range of complex behaviors, such as mood and emotion, and appetite and satiety. Not only does the gut microbiome appear to help maintain brain function but it may also influence the risk of psychiatric and neurological disorders, including anxiety, depression and autism.


Three researchers at the forefront of this emerging field recently discussed the microbiome-brain connection with The Kavli Foundation.


"The big question right now is how the microbiome exerts its effects on the brain," said Christopher Lowry, Associate Professor of Integrative Physiology at the University of Colorado, Boulder. Lowry is studying whether beneficial microbes can be used to treat or prevent stress-related psychiatric conditions, including anxiety and depression.


One surprising way in which the microbiome influences the brain is during development. Tracy Bale, Professor of Neuroscience at the School of Veterinary Medicine at the University of Pennsylvania, and her team have found that the microbiome in mice is sensitive to stress and that stress-induced changes to a mother's microbiome are passed on to her baby and alter the way her baby's brain develops.


"There are key developmental windows when the brain is more vulnerable because it's setting itself up to respond to the world around it," said Bale, who has done pioneering research into the effects of maternal stress on the brain. "So, if mom's microbial ecosystem changes -- due to infection, stress or diet, for example -- her newborn's gut microbiome will change too, and that can have a lifetime effect."


Sarkis Mazmanian, Louis & Nelly Soux Professor of Microbiology at the California Institute of Technology, is exploring the link between gut bacteria, gastrointestinal disease and autism, a neurodevelopmental disorder. He has discovered that the gut microbiome communicates with the brain via molecules that are produced by gut bacteria and then enter the bloodstream. These metabolites are powerful enough to change the behavior of mice.


"We've shown, for example, that a metabolite produced by gut bacteria is sufficient to cause behavioral abnormalities associated with autism and with anxiety when it is injected into otherwise healthy mice," said Mazmanian.


The work of these three researchers raises the possibility that brain disorders, including anxiety, depression and autism, may be treated through the gut, which is a much easier target for drug delivery than the brain. But there is still much more research to be done to understand the gut-microbiome-brain connection, they said.


Mazmanian's lab is also exploring whether the microbiome plays a role in neurodegenerative diseases such as Alzheimer's and Parkinson's.


"There are flash bulbs going off in the dark, suggesting that very complex neurodegenerative disorders may be linked to the microbiome. But once again this is very speculative. These seminal findings, the flash bulbs, are only just beginning to illuminate our vision of the gut-microbiome-brain connection," said Mazmanian.




Story Source:


The above story is based on materials provided by Kavli Foundation . Note: Materials may be edited for content and length.



The Interface of Things: A Universal Remote for Your Life


Ford's Sync.

Ford’s Sync. Ford



When was the last time you tried to use the speech recognition feature on your phone or in your car? Maybe it was to ask your GPS program for directions, to place a call without taking your eyes off of the road or to check on traffic ahead.


Did it work? If your experience is like mine, you probably had marginal success. For example: my GPS system only hears me correctly about 50 percent of the time and struggles with street or town names. Admittedly, my Boston accent, coupled with the noisy environment of my car, doesn’t make things easier. Having been forced to pull over on several occasions to manually input my destination, I now make it a point to enter the location into my GPS before I hit the road.


According to a recent study by AAA on the potential safety risks of hands-free systems for vehicles, a detour in your morning commute could be the least of your concerns. The report found that voice-command systems can cause distracted driving, even if a driver’s eyes are on the road and both hands are on the wheel. This recent phenomenon, called “inattention blindness,” is as dangerous as manual texting while driving.


Common barriers like these have marginalized the value of voice recognition technology in smart devices, relegating its primary purpose to entertainment and infotainment status. Look no further than the Google Now commercial where a child asks if dogs can dream, or the new Amazon Echo interactive speaker, which serves as a nifty way to dictate notes or ask about the weather (and more importantly, to add things to your Amazon shopping list.) When it comes to the important things, most people opt for solutions that are sure to work every time.


Consumer research backs this up, too: according to a recent study by Affinnova, 41 percent of Americans feel strongly that the smart products they’ve seen or heard about are gimmicky. More than half say they won’t upgrade to a smart product until the maker can prove it has value beyond novelty.


For smart devices to take off, we need to focus on the interface. This means speech recognition that works regardless of background noise, accents or barking dogs and natural language understanding capabilities that understand not just what’s being said or typed, but the intent behind it. Because whether via speech, text or touch, the interface is the critical link that can turn a novelty into a must-have.


Here’s four key reasons to master the “Interface of Things”:



  1. Interacting with the Internet of Things: The Internet of Things (IoT) holds the promise to transform the way we live by creating vehicles, appliances, devices and services that communicate naturally and share information to anticipate needs and next steps. But what good is the Internet of Things if we can’t interface with it? Whether powered by speech, touch or text, the true power of the much-hyped IoT will never be realized unless we can interact with it as naturally as one another.

  2. Simplifying the Connected Life: As we transition from living in a connected world to living a connected lifestyle, the need to interface with ease will be of paramount importance. Remember when the universal remote replaced the individual remotes needed for the TV, cable box, and VCR? What if you could get rid of the remote control entirely and just tell your TV to find your show? The Interface of Things – powered by our voice – will be the universal remote for the hundreds, if not thousands, of connected devices we’ll encounter every day.

  3. Being There When it Really Matters: A mix-up in speech recognition today can lead to frustration or embarrassment; have you ever inadvertently called your boss when you were trying to reach your best friend? But when it comes to mission critical tasks like getting help when you’re stranded on the side of the road, or turning off your home alarm so your son can get in after school, you need the interface to work. And when it works, consumers will begin to adopt smart devices as tools that improve their way of life.

  4. Realizing the Promise of Star Trek Tech: It’s hard to talk about the future without looking back at what science fiction has offered over the last 50 years. From a medical tricorder to 3-D printing, many of the impossible innovations from Star Trek are now becoming a reality. Speech recognition technology is no different, and the Interface of Things will allow anyone to step into their home, office or automobile and make a request with the confidence of a Star Fleet captain.


Although still somewhat marginalized as a toy for entertainment, developers, enterprises and other visionaries are clamoring for speech recognition technology that is reliable enough to power devices and applications that operate in “can’t fail” situations.


Solutions that will lead the way will incorporate multiple recognition methods so that when difficulties in understanding are encountered, the device has a backup to ensure accuracy of intent. They will also be multimodal, incorporating not only verbal inputs, but gestures and text input as well. And finally, solutions need to be personalized and maintain context to remove frustration and eliminate unnecessary, distracting steps. The good news is this level of reliability – the Interface of Things – is not as far off in the future as many people may think.


What’s holding speech recognition back? Is it the technology, the lack of providers, or something else? How would you use the Interface of Things if it was available today?


Mike Iacobucci is President and CEO of Interactions Corporation.



After Firefox Deal, Yahoo Gains on Google in U.S. Search Traffic


Photo: Courtesy of Yahoo

Photo: Courtesy of Yahoo



Things are looking up for Yahoo. At least a bit.


The venerable internet company has made some significant gains in the U.S. internet search market, while Google has experienced its biggest drop in market share since 2009, according to analytics firm StatCounter. The changes come after a deal made back in November, when Mozilla’s Firefox browser switched its default search engine from Google to Yahoo.


According to StatCounter, Google now has its smallest share of the U.S. search market since at least 2008. Its share fell to 75.2 percent in December from 77.5 percent the previous month. Yahoo’s share, meanwhile, leapt from 7.4 percent to 10.4 percent, and its mobile search traffic saw similar growth, from 8 percent to 10 percent.


The gain is natural considering the widespread use of Firefox. In December, according to StatCounter, Firefox accounted for about 14 percent of U.S. browsers.


Yahoo’s standing in the industry has been shaky as of late. With ever-increasing competition from behemoths like Google and Facebook, an evolving online landscape, and a digital advertising business on the decline, the company is facing some big challenges. But it’s not all bad news.



A Clever Plan to Teach Schoolkids New Languages With a Free App


duolingo-chalkboard

Getty Images



In developing countries like Ethiopia, Malaysia, and Mozambique, the market for English language learning is red hot. These are places where, often, English proficiency is seen as a stepping stone to a better job and a one-way ticket out of poverty. But one major kink in that plan is the fact that in many cases, the English teachers within these countries don’t speak English either. And so, the cycle continues.

But Luis von Ahn believes his app could play a key role in breaking that cycle. Von Ahn is the co-founder of Duolingo, a free language learning app that launched two and a half years ago and has since amassed a whopping 60 million users worldwide.


As big as Duolingo—and indeed, the entire online learning market—has become outside the classroom, von Ahn knows that language education still has a crucial place in schools. That’s why, on Thursday, the Pittsburgh-based startup is launching a new platform called Duolingo for Schools, which will help teachers track student activity on the app and tailor their lectures in the classroom, accordingly.


“It’s hard to know how many, but we think right now we have a few thousand teachers using Duolingo without this feature,” von Ahn says. “I think this will multiply that by a factor of ten, easily.”


Duolingo’s success is part of a groundswell of activity in the online learning space. In recent years, thanks to the explosive growth of platforms like Coursera and edX, the idea that you can get a quality education for free online has gone mainstream.


The New Model


That’s one reason why, in the early days, von Ahn and his co-founders Brendan Meeder and Severin Hacker intentionally designed Duolingo not for large school systems, but for a mass audience of international language learners. They objected to the fact that most mainstream products for learning a new language, like Rosetta Stone, are still prohibitively expensive, despite the huge and growing demand for English language education in poverty-stricken places.


Duolingo co-founders Severin Hacker and Luis von Ahn.

Duolingo co-founders Severin Hacker and Luis von Ahn. Duolingo



“It’s like the main reason you want to learn English is to get out of poverty,” says von Ahn, who hails from Guatemala, “but you need $500 to do it.”


So, the co-founders developed a novel business model to pay for the free service. When students finish a lesson in Duolingo, they can test their newfound knowledge by translating a piece of text in a news article. Companies like CNN and Buzzfeed pay Duolingo for these crowdsourced translations, and now, according to von Ahn, Duolingo’s millions of students churn out several hundred articles a day.


Whether or not Duolingo’s founders designed the products for schools, teachers slowly but surely began incorporating it into the classroom anyway, albeit with some clunky workarounds. “They do these weird things where they have all the students use Duolingo, and at the end, the teacher goes around writing what the students did,” von Ahn says. “It’s pretty cumbersome.”


Now, teachers will be able to create an account that tracks all of their students to see who’s struggling with or excelling at which skills. What’s more, the system learns from student performance to help teachers understand the best ways to teach a given subject.


“If we want to figure out if we should teach plurals before adjectives, we run a test,” von Ahn explains. “It could take you years to figure that out, otherwise. This year you’d have to teach it one way, and next year you teach it another way, and maybe after ten years you figure out plurals are better than adjectives first. Yes, teachers have been doing it way longer, but we can iterate way faster.”


The Teacher Caveat


Despite these advantages, some academics caution that an app like Duolingo can never replace the teacher—or the textbook—particularly at the university level. “You can review vocabulary and practice verb forms, but it’s not giving you any cultural context,” says Elise Mueller, an academic technology consultant, specializing in language teaching and technology at Duke University.


“It’s great that it’s free and available to people, and it does support language learning, but the main pushback is: it can’t be the primary way you’re learning a language.”


Still, Mueller concedes that for younger learners, Duolingo may become a worthwhile addition to the classroom. “It’s great, because it’s addictive,” she says. “Instead of having to do your homework and learn vocabulary the hard way, you’re pulled into it.”



3-D Printing Helped These Teens Build a Smarter Wheelchair


hand drive 2

NuVu



Sixteen-year-old Mohammad Sayed wanted more from his wheelchair. So he started hacking the thing.

Sayed is a student at NuVu, an experimental high school in Cambridge, Massachusetts where students learn practical skills through hands-on projects, and for one his projects, he used a 3-D printer to transform his wheelchair into something more useful. He and his classmates added a laptop tray and a canopy, and, most radically, they rebuilt the chair so that Sayed could propel it with a rowing motion rather than the traditional push.


The project is just one way that 3-D printing is remaking the way we build—and modify—the stuff we use in our daily lives. This includes everything from wheelchairs to musical instruments to guns. Using cheap 3-D printed parts, Sayed and his classmates transformed a simple wheelchair into something very different—not to mention far more valuable—and they’re open sourcing their work, so that anyone can 3-D print the components themselves.


The students didn’t invent the concept of a rowing wheelchair. It’s already in use in the GoGrit, a wheelchair designed for use on rough terrain, and by NASA engineer Salim Nasser’s Rowheels project. The idea dates back to at least 1990, says Steve Spohn, the chief operating officer of videogame accessibility organization AbleGamers. But making it easy to convert an existing wheelchair by using a 3-D printer could make this type of chair more affordable and accessible.


According to the NuVu students, each part costs only about $2 or $3 to print. The only non-printable part is a bar that can be purchased at Home Depot for a few dollars more. And that could be a big deal for some wheelchair users. “If you are someone with atrophy and the muscles you would use to push with your biceps are getting weaker, allowing for different types of movement could mean the difference between continuing in a manual wheelchair or being forced to convert to a power wheelchair,” he says.


‘Start Small, Go Big’


NuVu students attend the school full-time for three months or more, but instead of taking traditional classes like math and English, they spend their time working on hands-on projects ranging from creating animated videos to cobbling together custom robots. Each term kicks off with a one week crash-course in technical skills such as computer-aided drafting, 3-D printing, laser cutting and computer programming.


hand drive 1

NuVu



Then they are given a design problem to work on for the rest of the term. The wheelchair parts were actually part of several different projects. “Actually, I wanted to make a wheelchair that flies and go under water,” Sayed jokes. “But [my teacher] said we need to start small and then go big.”

So Sayed dialed that back to a more humble request: a better laptop tray for his chair. “I had looked for trays outside before,” he says, “but never found one that fit my needs.” Soon, he and his team started coming up with more ideas, like a more accessible compartment for storing cargo, and a canopy to protect Sayed from the elements. But the biggest idea was the rowing mechanism.


No Going Back


While more feasible than Sayed’s original idea for a flying wheelchair, the project was still rather ambitious. “Our project ended up being a very mechanical problem that none of us had every encountered before: figuring out how to make our own ratcheting mechanism,” says another student, Kate Reed, 16, referring to the mechanism that enables Sayed to propel the chair forward with each rowing motion without also pulling himself backwards when he pulls the rowing bar back towards him.


“A mechanical engineer could probably have looked at it and figured out the angles to make the mechanism work. But none of us are mechanical engineers, so we went with the guess-and-check method.”


After several tries, they came up with a mechanism that seemed to work. But when they showed it to Sayed, he pointed out that the wheelchair couldn’t go in reverse. So the students went back to the drawing board.


The Real Challenge


They ended up modifying a traditional brake handle so that, instead of braking, it switches the chair from forward into reverse. “When one mechanism is engaged you can move forward, then when you pull the break you can switch the mechanisms,” says 17-year-old Daniel Nathaniel Tong.


Tong and the other students say the project taught them a lot about product design and engineering. But more importantly, they say, they learned to work as a team. “Before NuVu, I didn’t do well in groups, because as a creative person you always push your own ideas,” Sayed explains. “Communication was sometimes a challenge, but now I’ve learned.”



Uber’s New Moving Service in Hong Kong Is No Mere Stunt


ubercargo

Uber



Uber has proven many times over that it’s good for more than just ride-hailing. In the past, the app has acted as a Christmas tree delivery service, an ice cream truck-hailing app, an on-demand kitten-cuddling business, and, when San Francisco legalized gay marriage last summer, a full-fledged wedding planner. These were all marketing stunts, sure. But they proved how nimble (sometimes bizarrely so) Uber’s business model is.


Now, the company is using these skills for a more practical purpose.


With the flip of a switch, Uber can mutate into whatever type of transportation system it chooses.


On Wednesday, Uber announced the launch of UberCargo, a moving service currently being tested in Hong Kong. Similar to UberMovers, a service Uber offered college students last August to help them move out of their dorm rooms, UberCargo lets people hail a van, load it with their stuff, and cart it across town. They’re not even required to ride along with it.


The news in and of itself isn’t groundbreaking, except that it provides one compelling example of Uber’s ambitions to be a full-fledged logistics company. Uber’s $40 billion valuation makes it more valuable than the entire U.S. taxi and limousine industry. That’s largely due to the fact that, with the flip of a switch, Uber can mutate into whatever type of transportation system it chooses. Its vast network of drivers and the technology that supports them are extremely flexible, and projects like UberCargo prove as much.


While Uber mostly showcases that fact with hair-brained antics, this isn’t the first time Uber has tested a viable business model outside of ride-hailing. UberFRESH, which is currently operating only in Los Angeles, competes with services like SeamlessWeb and Delivery.com in the food delivery space. UberRUSH, operating only in New York City, is a courier service for shuttling small deliveries around town. And this summer, Uber even took on tech giants like Amazon and Google with the launch of Uber Corner Store, a service that promises delivery of staple items from local stores in 10 minutes or less.


In a blog post on UberCargo, Uber called the project an “Uber Everything experiment focused on making every day city living easier so you have more time to do what matter most.” Each of these small scale tests—yes, even the wacky ones—gives Uber a better idea of whether consumers actually want to use Uber for all of their needs. As Uber continues to expand, even in the face of so much regulatory backlash, is seems all signs point to yes.



Computational Creativity and the What-If Machine


5119474042_8ee30b5c50_b

Steve Jurvetson/Flickr/CC



As computers have become more sophisticated, researchers have increasingly asked whether or not machines have the capability for creativity. Can we use machines for certain, or all, aspects of the creative process (and hopefully learn something about human creativity in the process)? This is the field of computational creativity, a fascinating interdisciplinary discipline.


For example, IBM has been using the technology of Watson (of Jeopardy! fame) to create novel and intriguing food recipes. Through analyzing “the chemical compounds and ingredients, food professionals can identify new recipes and pairings that are not only tasty and healthy, but also efficient to produce.” The recipes it generates are weird but apparently tasty.


Well, there is another project named the What-If Machine that helps with another aspect of creativity: the part of ideation, coming up with creative new ideas that can be tested and explored (such as in a short story). From the website:



In Computational Creativity research, we study how to engineer software which can take on some of the creative responsibility in arts and science projects. There has been much progress towards the creative generation of artefacts of cultural value such as poems, music and paintings. Often, when produced by people, such artefacts embed a fictional idea invented by the creator. For instance, an artist might have the fictional idea: [What if there was a quiz show, where each week someone was shot dead?] and express this through a painting, poem or film. While such ideation is clearly central to creativity, with obvious applications to the creative industries, there have only been a few small, ad-hoc studies of how to automate fictional ideation. The time is therefore ripe to see whether we can derive, implement and test novel formalisms and processes which enable software to not only invent, but assess, explore and present such ideas.



The results, which you can generate and play with here, seem to all take the form of “What if there was a little [BLANK] who [BLANK]?” Lack of the subjunctive aside, you can get a lot of thought-provoking results.


My favorite result so far, and which is somewhat haunting, is “What if there was a little whale who couldn’t swim?”


Go check it out.



Cape Watch: OK, There Might Be Too Many X-Men Movies Now


CapeWatch17

Marvel Entertainment (left, right), Warner Bros. (center)



While we were still recovering from the holidays and trying to pretend that January isn’t the worst month of the year (it’s so dark and so cold, especially after spending a month surrounded by brightly-colored lights watching videos of logs burning!), the machine that is the superhero movie business kept chugging along. This week, Marvel took advantage of the winter lull to get us excited about Ant-Man, while Fox decided that it was time to see how many X-Men movies an audience is prepared to pay money for in a 12-month window. Just as we did in 2014, may we present the highlights of the week’s superhero movie news.


SUPER IDEA: Gambit Getting a Release Date


Proving that it was (surprisingly) serious about spinning the X-Men’s comedy Cajun mutant thief character into his own solo movie Fox revealed earlier this week that Gambit, starring Channing Tatum as the roguishly charming—not to mention Rogue-charming—hero, will be released in October next year.

Why this is super: For those who feel Gambit is one of the more fun members of Marvel’s mutant franchise (or merely those who like Tatum as an actor), this seems like a good idea … until you realize it’ll be the third X-Men movie Fox releases next year (following Deadpool, which we’ll return to in a second, and X-Men: Apocalypse). Is Fox trying to drown its fledgling franchise in one fell swoop?


SUPER IDEA: It Really Is a Small World After All


Given its troubled creation—which included the loss of original writer/director Edgar Wright and last-minute addition of replacement director Peyton Reed—there were times when it seemed unlikely that anyone would ever get a chance to watch Marvel’s Ant-Man. Imagine the joy of all true Ant-Fans this week, then, when Marvel not only released the first poster for the Paul Rudd vehicle, but also the first official trailer for the movie. This is only part of Marvel Studios’ latest wave of promotion. In addition to this trailer, which debuted alongside the studio’s TV show, Agent Carter, Marvel will also release a second trailer for Avengers: Age of Ultron next week.

Why this is super: Well, first of all, it’s proof that we’re actually going to get an Ant-Man movie in the first place. Secondly, as with all the Marvel movies to date, it looks fun—even if there’s also a feeling of sameness about Marvel projects beginning to seep in. What’s that saying about familiarity breeding contempt…?



The Secret Talents Who Make Portlandia and Workaholics So Hilarious


Jon, was the idea always for you to be the sole director on Portlandia?


Krisel: It’s only episodic TV that has a bunch of directors. I never really thought of it like, “I’m going to be the only guy directing.” The three of us write it together, we rewrite on set, the editing is really important—it’s more like a craft project.


Kyle, you and the three stars of Workaholics started out together with the web series/sketch group Mail Order Comedy, but while you sometimes act in the show, you’re much more behind-the-scenes now. Why?


Newacheck: That was my goal: the editing, the directing and the producing. The acting is more of a skill for me as a comedic director than it is a skill that I exercise because I like acting. I act because I like to improv with my buddies, but I also like to know what it’s like on that side of the lens.


Do you write all the episodes before you start filming?


Krisel: We write everything ahead of time, but then you’re constantly rewriting—but it’s nice to go in with a little bit of a blueprint of what you’re going to do. You can’t wing it.


Newacheck: We gotta have that blueprint. I don’t direct every single episode like you, so we gotta have the directors that can carry it out, too.


Have you ever had an outside director on Portlandia?


Jonathan Krisel speaks at the "Portlandia" season 5 premiere in L.A., Jan. 5, 2015.

Jonathan Krisel speaks at the “Portlandia” season 5 premiere in L.A., Jan. 5, 2015. Matt Sayles/AP



Krisel: This season we have two for the first time. I started working on another show [Man Seeking Woman, Jay Baruchel’s show for FXX that also premieres Jan. 14], so I had to leave for the last two episodes.


Newacheck: Busted! You abandoned them, bro.


Krisel: I wanted to make sure it didn’t feel like that, so I brought on people who were friends of the show.


Kyle, you’ve done some directing on other TV shows. When you do that, do you feel like you’re able to put your imprint on it or are you just fulfilling a role?


Newacheck: There are different directorial responsibilities on different shows. You figure out where to put your best swings in. With Parks & Rec, that show is its own style, you’re just working on the comedy. But then on a show like Community, that is more about the directorial approach—they go on these genre missions pretty much every episode, so that one was more challenging technically. Happy Endings was right in the middle.


Jon, have people approached you about doing stuff like that?


Krisel: A little bit. They’ve never seemed that enticing. I always felt like I wouldn’t know what to do. I’ve done commercials where it’s like, “Do they even need me here? I’m trying to give suggestions, but…”


Newacheck: It’s super frustrating. I did a pilot for NBC and holy smokes, it was the worst experience ever. They brought me in to direct it, so I didn’t do much in the development of the show except for casting. I couldn’t believe the amount of people that sat around the table and discussed the project. There had to have been 20 people at every single high-up creative meeting—I sit in a room with four guys, and that’s hard enough to make it funny. I don’t think I’ll do it again unless it gets really crazy and I need the money.


You guys are both entering your shows’ fifth season, do you feel like you’ve gotten more ambitious as it’s gone on?


Newacheck: Yes, we’re always raising the bar. Right now I’m visually breaking the episode where the dudes take peyote. It’s a total mindfuck and it’s really a fun process trying to make these tricks and optical illusion—and to do a lot of them practically, not just relying on the digital aspect of, “We’ll just put some shit in here.”


Krisel: The format of the show has morphed into this more narrative season, so there’s definitely more emphasis on storytelling. Usually we have an idea that kind of tells a story over three sketches, but now each episode this whole season has a single narrative. The ambition for me is keeping it as funny as possible and keeping the style of the show the same, but expanding it to tell a little story that’s just a fun journey to go on with these characters that you’ve gotten to know over these last four seasons.


When you started doing these shows, did you feel like you knew what you were doing or were you totally making it up as you went?


Newacheck: When I first started Workaholics, I was still living in the house we were shooting it in. I was living with the dudes, so it was like we were living this show. Nobody could have made the show except for me, but I didn’t know what I was doing.


Krisel: You have a vision of what it could be, then you start realizing what the look and feel and tone is as you go along. When you make a pilot, you’ve never seen the show before, you don’t know what it is.


Over time, you’ve both created this very strange but very specific sense of a place, plus an expanding world within it. Was that something you set out to do or is that something that has developed over time?


Krisel: That was definitely part of naming the show Portlandia—it was going to be about this city and they’re going to play all the characters in it. This season is the first season where we’re going to tell stories about it. I kept bringing in this video of Tales of the City, the PBS series, to see how we can make our show more like it. I’d watch it and be like, “I have no idea,” but that was kind of what we did this season. We have this rich depth of weirdos.


Newacheck: None of us have ever even been to Rancho Cucamonga, other than driving through it on the way to Big Bear or out to the desert or something. We were making a show about Van Nuys, because that’s where we lived, and then we just changed it to Rancho Cucamonga because it was a funnier name.



Liveblog: We’re in the Homestretch of the CES Gadget Extravaganza