Connect with us


Is it safe to send kids back to school?



Covid-19 has been disruptive and bewildering for everyone, but especially for children. In the UK and in most US states, schools closed in March. Many of them will keep their doors shut until the fall. That’s six months without the normality of a school day, not to mention a significant break without any formal education for the many children who cannot access online classes.

It’s a global issue. Schools have had to close in 191 countries, affecting more than 1.5 billion students and 63 million teachers, according to the United Nations. But in many countries, schools are now cautiously reopening: in Germany, Denmark, Vietnam, New Zealand, and China, children are mostly back behind their desks. These countries all have two things in common: low levels of infection and a reasonably firm ability to trace outbreaks. 

What about the UK or the US, where the number of cases is relatively high and tracing systems are still in the early stages? How will we know when it’s safe for children to return? There can never be a cast-iron guarantee. But for parents to be able to gauge the level of risk, there are three questions that need answering. How susceptible are children to covid-19? How badly does it affect them? And do they spread it to others?

We know that children are less likely to catch the coronavirus than adults. They’re about half as likely, to be precise, according to a recent study by the London School of Hygiene & Tropical Medicine (LSHTM) using data from China, Italy, Japan, Singapore, Canada, and South Korea, published in Nature Medicine. A survey of 149,760 people with covid-19 by the US Centers for Disease Control and Prevention found that children 17 and under, who make up 22% of the US population, account for fewer than 2% of confirmed infections across the United States. 

These findings were supported by a meta-analysis of 18 studies carried out by researchers at University College London, which found that under-18s were 56% less likely to catch coronavirus from an infected person than adults. On the flip side, children are likely to have more close contact with others than adults do, especially in a school, which could potentially mitigate the protective benefit they get from being less likely to catch the virus in the first place. Even so, the numbers look promising.

If children do become infected in spite of this, how badly does it affect them?

The LSHTM study suggests that when children catch covid-19, they usually get very mild effects. Only one in five of those aged 10-19 had any clinical symptoms, compared with 69% of adults over 70. Children are extremely unlikely to die from coronavirus: during the peak nine weeks of the pandemic in England and Wales, just five children 14 and under died, out of a population of almost 11 million in that age group, according to official data analyzed by David Spiegelhalter, a statistician at Cambridge University. A preprint in the journal Public Health found that across seven countries up to May 19, there were 44 covid-19 deaths out of over 137 million children 19 and under. That’s a rate of less than 1 in 3 million. There is an unpleasant new covid-linked inflammatory syndrome in children similar to Kawasaki disease, but it’s extremely rare. “I think there have been fewer than 500 cases reported worldwide,” says Tina Hartert, a medicine professor at the Vanderbilt Institute for Infection, Immunology, and Inflammation in Nashville, Tennessee. The message seems to be that parents should not worry unduly about what might happen to their kids should they catch the virus. 

The final crucial question: to what extent do children spread the coronavirus once infected? “If you look at the peer-reviewed literature, it’s very mixed. The simple answer is we don’t know,” says Jeffrey Shaman, an infectious diseases expert at Columbia University. A nine-year-old boy with coronavirus in the French Alps in February did not transmit the virus to anyone else despite exposure to more than 170 people, including close contact within schools. However, we shouldn’t read too much into a study of one. On the other hand, researchers from Berlin University tested 3,712 covid-19 patients, 127 of whom were under 20, and concluded that children can carry the same viral load as adults, which seems to correlate with infectiousness.

One of the biggest fears is that a child could pick up the coronavirus at school and then bring it home to Grandma. “The risk to the kids is low, and it’s not bad for me or my partner, but I do worry about them going back to school and then seeing my parents,” says Kirsten Minshall, a father of two boys aged 9 and 11 who lives in a seaside town in Kent in the UK.

It is possible for children to introduce covid-19 into their household—a study from China identified three occasions when a child under 10 was the “index case” in a home. But it seems to be rare.

The crux of the issue is data, or more precisely a lack of it. Because children are less likely to catch covid-19, and are likely to have milder symptoms if they do, they are less likely to be seen by doctors or tested. That means high-quality, reliable data on this question is hard to come by. 

A large National Institutes of Health–funded study in the US that launched last month should help. It’s going to test nasal swabs from nearly 2,000 families in 10 cities every two weeks. The aim is to work out what role children play in transmission, says Hartert, who is leading the study. Enrollment has just finished, and she expects the first results within weeks. 

Population-wide serological surveys—which test for the presence of antibodies against covid-19 in blood samples—will also help plug the data gap. Studies comparing areas where schools have reopened and those where they have not could be hugely helpful, too. If it ends up being the case that children are less susceptible to infection, that suggests closing schools won’t be a very important way to reduce transmission across society, says Rosalind Eggo, an infectious disease modeler at LSHTM, who was involved in the study. However, she warns that it’s tricky to disentangle the closure of schools from all the other actions that were taken at the start of the pandemic.

“It’s very difficult to work out what happened to transmission when schools closed, because that happened at the same time as a lot of other interventions, like a general lockdown, distancing, and increased hygiene,” she says.

But none of this addresses a major group, without which no school can function: teachers. 

“Some teachers will be elderly, and there’s no easy answer for them. They’re incredibly high risk,” says Hartert. Many of the schools that have reopened around the world have introduced distancing measures and schedules that minimize contact between school groups. 

“I’m less afraid teaching than I am going to the supermarket,” says Marleen Slingenbergh, the head of biology at Alexandra Park School in London, where some schools have reopened for a small proportion of their students. She says that’s because the school has prioritized safety⁠—students have to sanitize their hands between lessons, teachers are required to stay at least two meters away from students at the front of the class, and there are strict “one at a time” bathroom policies, for example. 

That said, the majority of students haven’t returned yet. Slingenbergh fears it won’t be possible to maintain the safety measures when school returns in full in September. “With one week on, one week off, it’s possible. When we have 1,600 students, it will be tricky, especially during the changeover between lessons,” she says. 

Ultimately, the crucial thing for schools may be their ability to respond flexibly—closely monitoring for any potential outbreaks and quickly closing when necessary. 

There is, understandably, a lot of pressure from parents to keep their children safe, and many are still not comfortable with sending them back to school, says Slingenbergh. But most of them recognize it’s a delicate balance. “It’s all about weighing up the risks of covid, the kids getting proper schooling, and looking after their mental health,” Minshall says. 

Source link

قالب وردپرس


8 million people, 14 alerts: why some covid-19 apps are staying silent



When France launched its app for digital contact tracing, it looked like a possible breakthrough for the virus-ravaged country. After going live in June, StopCovid was downloaded by 2 million people in a short time, and digital affairs minister Cédric O said that “from the first downloads, the app helps avoid contamination, illness, and so deaths.” But officials soon had to walk their enthusiasm back after it emerged that in its first three weeks the app had alerted only 14 people to tell them they might have been exposed to the coronavirus. 

“This isn’t the end of the story,”  said O in its defense. “We keep improving the application.”

In Australia, meanwhile, things were even worse. The country’s Covidsafe app launched in April and got far greater adoption—6 million downloads in a country of 25 million. And yet it had even less of an impact: in the state of Victoria, it failed to identify a single contact that hadn’t already been uncovered by manual tracers, according to Gizmodo.

But while it doesn’t sound great, the lack of pings may not necessarily be a sign of failure in and of itself.

Part of the criticism may be due to too much hype. The early focus on contact tracing apps was understandable: a vaccine is still many months away, assuming we can even find one that will work. Apps stepped into the breach as a potential panacea—even though many insiders have consistently argued that they are only one of a number of tools we have to fight the virus.

On a mathematical level, too, the low level of notifications might be expected, according to Jon Crowcroft, professor of communications systems at the University of Cambridge. In a situation where there are low numbers of covid-19 cases, people are observing social distancing, and the density of app users is not high, you would not expect to see many notifications, he says.

“It’s simple math for the numbers of notifications: if 1% of people have covid-19 and they are all tested, and only 1% of people run the app, you have a 1 in 10,000 chance of having both the tested person and the exposed person having the app, so your notification rate will be 10,000 times lower than the case rate,” Crowcroft explains.  (For example, during the period in which Victoria issued 21 notifications, the state registered just 350 cases of covid-19.)

However, even with the most optimistic lens, it’s clear there’s a gulf between what was promised and what these apps are delivering. So what went wrong?

Technically awkward

First, it’s worth looking at the similarities between the two services. Both France and Australia shunned the model put forward by Google and Apple—where data is kept on the user’s phone to maintain privacy—in favor of a centralized approach, where user information is sent to remote servers. This is problematic because Google and Apple have restricted how much Bluetooth scanning centralized apps can do in the background.

Michael Veale, a digital policy lecturer at University College London, sums up the issue: “They aren’t detecting many phones because the background Bluetooth does not function. That’s because they aren’t using a decentralized approach.” 

This situation has created a series of other technical difficulties. Australia’s app works only 25% of the time on some devices, in particular iPhones. That’s because the Bluetooth “handshake” necessary to register proximity between two phones doesn’t work if the phone screen is locked. This was the exact problem that caused the UK to abandon its app last month (it’s not clear when it will launch a replacement).  

“This effectively means for a contact tracing app to work without using their system, a user has to walk around like a Pokemon Go player, with their phone out, the app open, and not use their phone for anything else,” says one researcher not directly involved in development for either app, who requested anonymity.

Too conservative

All this may have been exacerbated by adopting an overly conservative approach to avoid the risk of “over-notifying” users, says Crowcroft. Worries that oversensitive alerts could create panic means the apps only consider people who are extremely likely to have been in close contact with each other for extended periods of time—not just people you brushed past for a few seconds in the store. “A lot of care went into trying to avoid a lot of false positive notifications in some apps. This may make them super conservative,” he says.

In addition, both Australia’s and France’s apps have been blighted with performance issues and bugs. Users have complained that France’s app drains their phone’s battery life—possibly the reason that hundreds of thousands of people have uninstalled it. 

“This is the prime risk for developers: you make one mistake and wipe out somebody’s battery,” says Andrew Eland, who until recently worked as an engineering director at Google and then DeepMind Health. Some users say the StopCovid app regularly crashes, and has to be reactivated every time you switch your phone back on.

Aiming for improvement

So what are the lessons? Bluetooth is a very complex technology, but it’s fiendishly difficult to build a contact tracing app without using Apple and Google’s system. So for the sake of building an app rapidly, perhaps it’s best that governments don’t adopt a centralized system or something else that creates technical difficulties. If possible, countries should consider reusing the code for another country’s app that has proved to be a success—for example, Germany’s open-source Corona-Warn App, which has been downloaded by over 15 million people in a population of 83 million since it launched on June 15. Secrecy and clinging to exceptionalism are a poor combination when it comes to building contact tracing apps.

And ultimately, the public needs to bear in mind that contact tracing apps are likely to be only a small part of the fight against the coronavirus—rather than a magic answer to the problem. 

“If you want to know the best way to spend time and money on technology to track and trace coronavirus infections, it would probably be better to focus on making manual contact tracing more efficient,” says Eland.

Source link

قالب وردپرس

Continue Reading


This Week in Security: F5, Novel Ransomware, Freta, and Database Woes



The big story of the last week is a problem in F5’s BIG-IP devices. A rather trivial path traversal vulnerability allows an unauthenticated user to call endpoints that are intended to be restricted to authenticated. That attack can apparently be as simple as:

'https://[F5 Host]/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin'

A full exploit has been added to the metasploit framework. The timeline on this bug is frighteningly quick, as it’s apparently being actively exploited in the wild. F5 devices are used all over the world, and this vulnerability requires no special configuration, just access to the opened management port. Thankfully F5 devices don’t expose the vulnerable interface to the internet by default, but there are still plenty of ways this can be a problem.


Microsoft has made a new tool publicly available, Freta. This tool searches for rootkits in uploaded memory snapshots from a Linux VM. The name, appropriately, is taken from the street where Marie Curie was born.

The project’s namesake, Warsaw’s Freta Street, was the birthplace of Marie Curie, a pioneer of battlefield imaging.

The impetus behind the project is the realization that once a malicious actor has compromised a machine, it’s possible to compromise any security software running on that machine. If, instead, one could perform a security x-ray of sorts, then a more reliable conclusion could be reached. Freta takes advantage of the VM model, and the snapshot capability built into modern hypervisors.

As you might imagine, the idea of sending snapshots of your Linux VMs to Microsoft for scanning has been met with some skepticism. That said, the primary use case for Freta will likely be the Azure cloud, so it’s reasonable to see this as just another tool for that ecosystem. It will be interesting to see this technology mature, as there seems to be great potential.

Vulnerability Compatibility in IE11

Earlier in the year, yet another jscript.dll vulnerability was found and fixed in Internet Explorer. As a quick recap, jscript.dll is the javascript engine from IE8. The continual presence of IE8 compatibility mode means that this old codebase still persists in modern Windows versions. Were IE8 only accessible by user intervention, this would be much less of an issue, but a website can request this compatibility mode, meaning that simply visiting a malicious website could enable an attack.

What we have this week is a detailed look at CVE-2020-1062, the bug in question. It’s a use after free, and it’s triggered by freeing an object in an overridden callback of that object. In the example code, the exploit defines the “toString” function, and manages to free the parent object in that function. As is almost always the case, finding a crash is the easy part, but turning it into a working exploit is much harder. The use-after-free bug doesn’t in itself allow for code execution, but results in code execution jumping to a location controlled by the attacker. Using the Binary Ninja tool, the researchers found an existing function that they could jump to, and from there pull off remote code execution. The full story is more involved than we have space here to cover, so go check it out for the full details.

Citrix Bug Detailed

Earlier this year, we covered CVE-2019-19781, another path transversal vulnerability, but this one is in Citrix products. Now, six months have passed since the initial disclosure, and Mikhail Klyuchnikov has written up a more detailed report on the flaw.

At it’s core, the vulnerability is simple. On a Citrix gateway, “/vpn/” hosts the login page for remote users. The url isn’t properly sanitized, so something like: /vpn/../vpns/portal/scripts/[scriptName].pl
doesn’t require authentication, but does actually execute the Perl script at the given location. The ability to interact directly with these scripts as an unauthenticated user would be problem enough, but the script actually allows writing data to arbitrary locations. Between the ability to execute Perl scripts, and the ability to write to the file system, it’s rather trivial to install a remote shell using this vulnerability.

Ransomware Hitchhikes on USB Drives

Try2cry is a new ransomware, spreading itself through USB flash drives. In the old days, this sort of worm would simply use the autorun feature of Windows to automatically infect a machine when plugged in. On modern machines, with autorun disabled, malware authors have to be more creative in order to spread their wares. Try2cry copies it’s installer to the root of the flash drive, marks all the existing files and folders as hidden, and then creates shortcuts in place of the hidden files. These shortcuts all point back to the malware installer, and the hope is that a user won’t notice the change, and installs the malware when trying to access the files.

Apparently this ransomware is little more than a copy-and-paste of the open source “stupid” ransomware, available on GitHub. The good news is that it can be decrypted with available tools.

MongoDB Ransomware

Yes, even more ransomware. MongoDB databases are quite popular, with something like 45,000 of them exposed to the internet. The problem is that half of those are configured without a password. Anyone can connect to, read, and write to them. Yes, many of those are probably just for testing, but inevitably some of them have live data as well. Apparently some aspiring blackhat realized that all those unprotected databases were a prime target, and launched an attack.

Each database is wiped, and a ransomware note is added in place. As far as ransomware goes the .015 BTC that is requested is rather cheap, valued at $138 at time of writing. The worst part of the attack might be the threat attached: to leak the stolen data, and then file a GDPR complaint on behalf of those whose data was exposed.

And Finally…

Samba announced a pair of bugs recently. So far, it appears that neither problem can lead to RCE, but they’re rather simple to launch DoS attacks. One attack is a variation on the zip bomb, where a DNS name composed of 8127 dots causes Samba to lose it’s mind. The other flaw is a code softlock triggered by a UDP packet with an empty data message. Both flaws require netbios to be enabled in an Active Directory configuration.

IBM’s Db2 database software has a remotely exploitable buffer overflow. This issue can result in arbitrary code execution as root, so make sure to get this patched if you’re running big blue.


Source link

قالب وردپرس

Continue Reading


5 Best Google Fi Compatible Phones You Can Go For



Google Fi, a carrier service launched by Google in the US, was previously available for Pixel and Nexus smartphones only. As of now, Google has extended support for a lot of Android smartphones.

The Google Fi service provides the users with data services on three different mobile networks including US Cellular, Sprint, and T-Mobile. Google Fi also utilizes Wi-Fi for texting and calling according to the availability.

Previously, it was easy to choose a Google Fi compatible phones as there were only two or three of them. Now, finding the most appropriate Google Fi compatible phone is a task due to several options available now.

Here we have curated the list of 5 best Google Fi compatible phones. You can select the best fit for you according to your needs after going through the specifications of the smartphones.

Also Read: Top Gaming Phones For 2020: Best Smartphones To Play Video Games

5 Best Google Fi Compatible Phones

1. Moto G7

Moto G7 can be considered as the most affordable smartphone with Google Fi support. It comes with a 6.2-inch Full HD+ display and has a water repellant design. It is based on the Android 9.0 Pie and runs on the Qualcomm Snapdragon 632 processor.

Moto G7 has 4GB RAM along with 64GB onboard storage and its memory is expandable up to 128GB via microSD card. It sports a dual rear camera set up including a 12MP primary sensor and a 5MP depth sensor. The phone also features a 8MP selfie camera.

In terms of battery, Moto G7 is powered by a 3000mAh battery and supports 15W TurboPower charge. As of now, Moto G7 is available at a price of $198.50. So if you want to buy an affordable google fi compatible phone, Moto G7 is the best fit.

2. OnePlus 7T

Best google fi compatible phones

OnePlus 7T is one of the best mid-ranged smartphones available in the market. The phone features a 6.55-inch Fluid Display along with a 90Hz refresh rate. It runs on the Qualcomm Snapdragon 855 processor and is based on the latest Android 10.

OnePlus 7T sports a triple rear camera setup including a 48MP primary sensor, 12MP secondary sensor, and a 16MP tertiary sensor. Apart from that, it features a 16MP front camera for selfies.

The smartphone has two variants based on storage including 128GB onboard storage variant and 256GB onboard storage variant. The smartphone comes equipped with a powerful battery of 3800mAh and supports Warp Charge 30T.

The basic variant of OnePlus 7T including 8GB RAM and 128GB onboard storage is available at a price of $502.50 approximately and the top-notch variant is available at a price of $515.40.

3. Google Pixel 4 XL

Best Google Fi compatible phones

Google Pixel 4 XL was launched back in October 2019. The smartphone comes with a 6.3-inch display and is based on the Android 10. It runs on the Qualcomm Snapdragon 855 processor and can be dubbed as one of the best Google Fi compatible phones.

Snapdragon 855 is accompanied with 6GB RAM and 64GB onboard storage in the Google Pixel 4. Apart from that, it sports a dual rear camera setup including a 16MP primary camera and a 12MP secondary sensor.

Google Pixel 4 XL comes equipped with a 3700mAh battery and USB Type-C support. However, the price of the smartphone is a bit high as it is available at a price of $939 in the market. You can go forward to buy Pixel 4 XL only if you want a high ranged smartphone.

4. Samsung Galaxy S20

Samsung Galaxy S20

If you are looking for a Google Fi compatible smartphone with 5G connectivity support then Samsung Galaxy S20 is the best option out there. The smartphone features a 6.2-inch punch-hole display along with a 90Hz refresh rate. It runs on the Samsung Exynos 990 processor that is accompanied by 8GB RAM and 128GB onboard storage.

The best part about the smartphone is that it has a expandable memory upto 1TB via a microSD card. Samsung Galaxy S20 comes with a triple rear camera setup including a 64MP primary lens, 12MP secondary lens and a 12MP tertiary lens. It sports a 10MP selfie camera.

Samsung Galaxy S20 comes with a massive 4000mAh battery. The smartphone is available at a price of $933.12 in the market. Apart form Samsung Galaxy S20, you can also go for other smartphones of Samsung Galaxy S20 series as they all are Google Fi compatible.

5. Google Pixel 3a

Best Google-Fi compatible phones

Google Pixel 3a is the best fit for you if you are looking for a compact Google Fi compatible smartphone. With a 5.6-inch OLED display, the smartphone features three different color profiles.

Google Pixel 3a runs on the Qualcomm Snapdragon 670 processor and is based on the Android 9.0 Pie. In terms of storage, the smartphone comes equipped with 4GB RAM along with 64GB onboard storage.

Google Pixel has very basic camera specifications including a 12MP rear camera and an 8MP front camera. It is powered by a 3000mAh battery. Google Pixel 3a will cost around $406.13 as of now.

Choosing Google Fi Compatible Phones

You can choose the most appropriate smartphone from the above-mentioned Google Fi compatible smartphones. Apart from those smartphones, you can also check out whether your smartphone is compatible with Google Fi or not by visiting the compatibility page.

We will keep updating this list with new Google Fi compatible phones as and when they become available. So, don’t forget to check the list again after some time.

The post 5 Best Google Fi Compatible Phones You Can Go For appeared first on Fossbytes.

Source link

قالب وردپرس

Continue Reading