Connect with us


I don’t think it’s a crime to dump 111k people’s details online in Google Earth format • The Register

Voice Of EU



The person who reformatted the Guntrader hack data as a Google Earth-compatible CSV has said they are prepared to go to prison – while denying their actions amounted to a criminal offence.

The pseudonymous person spoke to The Register by email late last week after dumping the personal data of 111,000 UK firearm and shotgun certificate owners online in a CSV formatted for ease of importing into Google Earth, pinpointing gun owners’ homes.

They told us: “If a judge and jury of our peers finds us guilty of any offense, we will of course accept the punishment with good grace and apologise to anyone who can be defined as a victim. However we don’t see what we have done is criminal.”

Although the person used the pseudonym Ernie Goldman, their responses used the royal “we”. Their blog is called Hunting Leaks and was featured in news reports earlier this year when it first emerged as a platform for doxxing fox-hunting supporters.

When asked who they were, “Ernie” told The Reg: “We are people who are angry with the Countryside Alliance, for spying and building up illegal databases on hunt saboteurs, we remain anonymous to protect ourselves from the people we are up against, namely those involved in fox hunting and the wider hunting community.”

The Countryside Alliance allegedly maintains a database of people who turn up to countryside fox hunts (in the traditional English sense involving hunters on horseback and packs of hounds) and attempt to disrupt them.

“Ernie” claimed to have been alerted to the leak by press coverage. The original file, as we reported first, appeared to be a dump of a SQL database saved as a CSV file. The latest leak saw columns in that file re-ordered to make it easier for Google Earth to ingest, displaying location information as pinpoints on a map of Britain.

“Our desired goal was to provide a database that can be used as a reference point by people who are trying to stop wildlife from being killed. If for example you are involved in trying to stop the badger cull, spot who you thought was a shooter’s car parked up at a house you could check the database to see if they are gun owners,” wrote “Ernie”.

On their blog they had encouraged fellow travellers to contact firearm owners and demand information about their activities.

Although no agreed figures are readily available, many tens of thousands of firearm owners around the country either shoot rifle range targets or clay pigeons. Some of those don’t agree with shooting live quarry and take no part in it.

The activist added, of the inclusion of those people in his data dump: “The reverse is obviously not true, not everyone on the databse [sic] will be involved in shooting wildlife, that should be obvious by the very nature of the database and who is on it.”

It is not obvious from the database’s contents. Those are simply rows of personal information including names, phone numbers, login credentials, postal addresses, geo-location coordinates collected by Guntrader, and more.

Whatever, I’m just like the news

The activist did not express remorse over the inclusion of five-year-old data in the file, which included location and address information of Guntrader users stretching between 2016 and July this year, writing: “The date modified column would indicate to anyone looking at the database how recently the person used the guntrader site.”

Aside from the obvious potential problem of targeting people who have never shot at animals in their lives, the inclusion of five-year-old addresses puts at risk those who may have moved into a home after a gun owner moved out. It raises the spectre of robbers demanding homeowners hand over something they simply don’t have.

“Ernie” also sought to paint themselves as morally equivalent to the news media, blaming The Register for reporting the breach, which was circulating on various social media platforms after criminals first obtained the database and hosted it on the clearnet.

When asked if they had any regrets about other criminals or terrorists possibly obtaining and using the data, “Ernie” said: “Probably about the same as you, or any other journalist or blogger commenting and drawing attention to a hack that had nothing to do with us.”

Responsible journalism does not involve publishing the stolen personal data of hundreds of thousands of people in an easy-to-make-into-a-map format. Neither does it include denying responsibility for the consequences of that action; two days after “Ernie” dumped the data online, a domestic home included in the breach was targeted during a burglary where a shotgun was stolen from a locked gun cabinet during a one-hour time window.

Police: We’re on it and we’ve told licensing units

Detective Inspector Louise Boyce from the South West Regional Cyber Crime Unit (SW RCCU) told The Register last week: “Our criminal investigation into the Guntrader data breach continues and we are pursuing a number of lines of enquiry to identify those responsible for both the original offence and further publishing of the stolen data online.”

“We continue to work closely with the National Crime Agency to manage any risk associated with the incident and all local police force Firearms Licensing Units have been made aware of the breach and publication of user data,” she added.

An NCA spokesperson said: “The NCA is aware that information has been published online as a result of a recent data breach which impacted Guntrader. We are working closely with the South West Regional Cyber Crime Unit (SWRCCU), who are leading the criminal investigation, to support the organisation and manage any risk.”

Martin Parker, the British Association for Shooting and Conservation’s head of firearms, said in a statement: “We will remain in contact with the NCA and SWRCCU as the situation develops and we are pressing to ensure the agencies get to the bottom of this. It was already a significant breach of data, but this latest development is particularly concerning.”

Advice from the NCA to firearm and shotgun certificate holders includes double-checking all doors and windows are locked when you leave the home; keeping gun cabinet keys secured away from the safe itself in a discreet location; being aware of “any suspicious activity such as people watching your property, or following you back from places where the shotgun may have been used/seen”; and not leaving firearms or shotguns unattended in a vehicle.

BASC has also published detailed security advice for firearm and shotgun certificate holders.

Not a terror crime?

SWRCCU confirmed to The Register that it is not treating the latest Guntrader data dump as a terrorism offence. Section 58 of the Terrorism Act 2000 prohibits the collecting of information likely to be useful to a terrorist, and a map of potential firearm storage locations, stolen from a firearms sales website and pinpointed on a Google Earth map seemingly would be useful to a would-be terrorist.

Some might also argue the publication by “Ernie” may be intended to intimidate the 111,000 members of the public included in it, meeting the definition of terrorism in section 1(1)(b) of the act.

The breach remains one of the worst-case data breaches in recent infosec history. While small on the grand scale of things, what makes this data leak unique is its publication in circumstances where ne’er-do-wells were urged to act on the data and use it to intimidate (or worse) members of the public doing their own thing.

The Information Commissioner’s Office is aware of the Guntrader breach. ®

Source link


Big tech’s pro-climate rhetoric is not matched by policy action, report finds | Environment

Voice Of EU



The world’s biggest tech companies are coming out with bold commitments to tackle their climate impact but when it comes to using their corporate muscle to advocate for stronger climate policies, their engagement is almost nonexistent, according to a new report.

Apple, Amazon, Alphabet (Google’s parent company), Facebook and Microsoft poured about $65m into lobbying in 2020, but an average of only 6% of their lobbying activity between July 2020 and June 2021 was related to climate policy, according to an analysis from the thinktank InfluenceMap, which tracked companies’ self-reported lobbying on federal legislation.

The report also sought to capture tech companies’ overall engagement with climate policy by analyzing activities including their top-level communications as well as lobbying on specific legislation. It found that climate-related engagement levels of three of the five companies – Amazon, Alphabet and Microsoft – had declined compared to the previous year.

Tech companies, which have some of the deepest pockets in corporate America, have been racing to come out with increasingly ambitious climate pledges. Amazon has a target to be net zero by 2040 and to power its operations with 100% renewable energy by 2025, and Facebook has a target of net zero emissions for its entire supply chain by 2030.

In 2020, Microsoft pledged to become carbon negative by 2030 and by 2050 to have removed all the carbon the company has ever emitted. Apple has committed to become carbon neutral across its whole supply chain by 2030.

And Google has pledged to power its operations with 100% carbon-free energy by 2030, without using renewable certificates to offset any fossil-generated power. “The science is clear, we have until 2030 to chart a sustainable course for our planet or face the worst consequences of climate change,” the Google and Alphabet CEO, Sundar Pichai, said in a video announcing the policy.

Yet this strong pro-climate rhetoric is not being matched by action at a policy level, according to the report. “These gigantic companies that completely dominate the stock market are not really deploying that political capital at all,” said the InfluenceMap executive director, Dylan Tanner.

Tech companies have not been entirely silent. Apple, for example, has expressed support for the Biden administration’s proposed clean energy standard, which aims for all US-generated electricity to be renewable by 2035.

But these efforts are significantly outweighed by those of big oil and gas companies, which have ramped up their climate lobbying over the same timeframe, according to the report. “Most of their political advocacy is devoted to climate change and it’s negative,” said Tanner.

A lack of engagement is especially disappointing given the new momentum around climate action under the Biden administration, said Bill Weihl, a former Facebook and Google sustainability executive and now executive director of Climate Voice, which mobilizes tech workers to lobby their companies on climate action. “The dominant business voice on these issues is advocating against the kind of policies that we need,” he said.

Joe Biden’s $3.5tn budget reconciliation bill, which includes large investments for climate action, is facing fierce opposition from some industry groups. The US Chamber of Commerce, the country’s most powerful business lobbying group, has said it will “do everything we can to prevent this tax raising, job killing reconciliation bill from becoming law”. All of the tech companies, with the exception of Apple, are members of the Chamber.

“Our best chance to lead the planet to safety in the race against climate change is through this reconciliation bill, yet InfluenceMap has shown that big tech is still MIA on climate in Congress,” said Senator Sheldon Whitehouse, a Rhode Island Democrat and longtime advocate for climate legislation.

Microsoft and Apple declined to comment on the report and Alphabet did not respond to requests for comment. A spokesperson for Amazon said the company engages at local, state and international levels to “actively advocate for policies that promote clean energy, increase access to renewable electricity, and decarbonize the transportation system”.

A Facebook spokesperson said “we’re committed to fighting climate change and are taking substantive steps without waiting for any legislative action”, adding that the company supports the Paris climate agreement goals and helped found the Renewable Energy Buyers Alliance.

But these actions are not enough given the scale of the crisis, said Tanner. The UN warned in a report published on Friday that even if current climate emissions targets are met, the world is still on a “catastrophic pathway” for 2.7C of heating by the end of the century. “We’re running out of time,” Tanner said, “physically on climate but also on a public policy level.”

Source link

Continue Reading


Some of you have dirty green credentials • The Register

Voice Of EU



TechUK – the UK’s digital trade association representing computer giants and start-ups alike – has called on firms to check their green credentials and make sure they stand up to scrutiny.

The warning comes as UK businesses were told to brush up on their eco-claims or risk public humiliation and enforcement action by the Competition and Markets Authority (CMA).

Businesses have until the New Year to make sure their environmental claims – such as those regarding energy consumption, packaging, recycling, and product lifecycle assessments – comply with the law and are not simply an exercise in greenwashing.

As part of its efforts to steer companies, the CMA has published a six-point Green Claims Code in a bid to make it clear that anyone spouting eco-friendly claims “must not omit or hide important information” and “must consider the full life cycle of the product.”

The CMA is targeting sectors that some onlookers may regard as low hanging fruit including textiles and fashion, energy-hungry travel and transport, and fast-moving consumer goods.

However, any sector and the companies that operate within it – including tech – could fall within the CMA’s crosshairs.

In a statement, Andrea Coscelli, chief exec of the CMA, said: “We’re concerned that too many businesses are falsely taking credit for being green, while genuinely eco-friendly firms don’t get the recognition they deserve. Any business that fails to comply with the law risks damaging its reputation with customers and could face action from the CMA.”

However, there are worries the new rules may lead to confusion. In its evidence to the CMA, techUK said the six principles set out in the guidance were “not specific enough” and also called for more information to help tech firms. It also warned that different variables made in lifecycle assessments could lead to misleading results [PDF].

In a statement, Susanne Baker, associate director for Climate, Environment and Sustainability, techUK, told us: “The CMA’s guidance is important for any company making a green claim about their services, products and company. With more green claims being made by the tech sector than ever before, it’s absolutely vital that these aren’t deemed to be greenwashing.

“Firms have until the new year to address this and will need to think carefully about any green claim they make, be sure they can substantiate them, that they aren’t misleading, and are truthful and accurate,” she said.

The CMA announced that it was investigating the impact of green marketing on consumers last year when it found that 40 per cent of green claims made online could be misleading – suggesting that thousands of businesses could be breaking the law.

In June, The Register reported how a shortage of plastics – rather than a desire to protect the planet — could be one reason why recycled plastics may be working their way into laptops and other gadgetry.

Amazon recently found itself fending off a whistle-blower’s claims alleging it dumped unsold goods to landfill, and later bragged that it had achieved lower carbon “intensity” in its business practices. The latter claim was shot down by an unimpressed scientist close to The Reg who remarked that the fact Amazon’s business was growing was not “helpful to Earth”, and the fact it polluted less per unit of activity didn’t change the bottom line “which is that they are polluting more this year than they did last year.”

Meanwhile, Tesla CEO Elon Musk recently announced the electric car maker will stop accepting Bitcoin payments for its vehicles, due to the “increasing use” of fossil fuels, particularly coal, to support Bitcoin’s electricity-hungry mining and transaction processing.

An Intel sponsored report by non-profit Resilience First, highlighted in June the role of tech in reaching net-zero carbon emission goals. However, making chips has been a dirty business, with a 2002 study concluding that a single 2g semiconductor chip required a whopping 1.6kg of secondary fossil fuels and 72g of chemical inputs to be put into production. ®

Source link

Continue Reading


Fivetran nears five times its unicorn valuation as it plans further growth

Voice Of EU



The data integration business growing its EMEA HQ in Dublin is set for further expansion following a $5.6bn valuation and key acquisition.

Silicon Valley-headquartered Fivetran has announced $565m in Series D funding alongside a deal to acquire HVR.

This latest funding round sees the automated data integration provider’s value reach $5.6bn just over a year after it first reached unicorn status.

The funding round from new and existing investors included General Catalyst, CEAS Investments and Matrix Partners. Andreessen Horowitz led the round, which also brought in new investors Iconiq Capital, D1 Capital Partners and YC Continuity.

In total, Fivetran has raised $730m to date. And in tandem with its Series D funding round, the company also announced a $700m cash and stock deal to acquire data replication business HVR.

‘Without an always-on, accurate and reliable way to centralise data, global organisations aren’t maximising the use of data or data infrastructure’

For Fivetran’s mission to help businesses make use of the data they have, in a way that is quicker and requires fewer resources, HVR brings database replication performance along with enterprise-grade security.

“HVR is a recognised leader for enterprise database replication and shares our same vision – to make access to data as simple and reliable as electricity,” said Fivetran CEO George Fraser. “Their product is the perfect complement to our automated data integration technology and will be instrumental for us to help enterprise organisations that want to improve their analytics with a modern data stack.”

Fraser added that the latest injection of funding from investors will enable the company to expand its capabilities and accelerate its global growth.

Fivetran established its EMEA HQ in Dublin in 2018. The following year, fresh investment saw the company plan to double its Irish workforce. Last summer, a $100m funding round saw these expansion plans furthered.

In terms of market opportunity, Andreessen Horowitz general partner Martin Casado says Fivetran is a “critical component” of the modern data stack, which represents “a paradigm shift for global enterprises, with billions of dollars of revenue at stake”.

“Without an always-on, accurate and reliable way to centralise data, global organisations aren’t maximising the use of data or data infrastructure,” said Casado.

The acquisition deal has been approved by the boards of both companies and is expected to close in early October, subject to regular approvals.

Customers from both companies are expected to benefit from each of the business offerings. On the side of Fivetran, this client list includes Autodesk, DocuSign, Forever 21, Lionsgate and Square, while HVR services dozens of Fortune 500 brands.

“Combining HVR and Fivetran will enable a next-generation solution that will better inform business decisions by providing the freshest data available,” said HVR CEO Anthony Brooks-Williams.

“We’re thrilled to be joining forces with Fivetran and look forward to what this incredible opportunity will provide for our growing team, partners and customers.”

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Continue Reading


Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!