SN 605: Google -vs- Symantec

Security Now (MP3)

This week Steve and Jason discuss... Google's Tavis Ormandy takes a shower, iOS gets a massive feature and security update, a new target for 'Bot money harvesting appears, Microsoft suffers a rather significant user-privacy fail, the UK increases its communications decryption rhetoric, a worrisome vote in the US Senate, NEST fails to respond to a researcher's report, this week in IoT nonsense, a fun quote of the week, a bit of miscellany, some quickie questions from our listeners, and a close look at the developing drama surrounding Google's enforcement of the Certificate Authority Baseline rules with Symantec.

We invite you to read our show notes.

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6.

Bandwidth for Security Now is provided by CacheFly.

SN 604: Taming Web Ads

Security Now (MP3)

This week Steve and Leo discuss developments on the new-Windows-on-old-hardware front, Cisco finds a surprise in the Vault7 docs, Ubiquiti was caught with the PHPs down, Check Point discovered problems in WhatsApp and Telegram, some interesting details about the long-running Yahoo breaches, the death of the "eBay Football", the latest amazing IoT insanity, the incredible results of the CanSecWest Pwn2Own competition, a classic "you're doing it wrong" example, Tavis pokes LastPass again, some miscellany and an interesting proposal about controlling web advertising abuse.

Hosts: Steve Gibson and Leo Laporte

Comparison of the homogeneity of mRNAs encoding SFRP5, FZD4, and Fosl1 in post-injury intervals: Subcellular localization of markers may influence wound age estimation.

J Forensic Leg Med. 2016 Oct;43:90-6

Authors: Zhu XY, Du QX, Li SQ, Sun JH

Abstract
The inter-group heterogeneity and intra-group homogeneity of relative expression are necessary when mRNAs are used to determine wound age accurately in forensic medicine. The aim of this study was to assess the intra-group homogeneity of SFRP5, FZD4 and Fosl1 mRNAs in post-injury intervals. The corresponding proteins show different subcellular locations. A total of 78 Sprague-Dawley rats were divided into control and contusion groups. At 4, 8, 12, 16, 20, 24, 28, 32, 36, 40, 44, or 48 h (n = 6 per group) after contusion (under anesthesia by chloral hydrate intraperitoneally), the rats were sacrificed using a lethal dose of pentobarbital, and samples of the injured muscles were collected. The raw Ct values of SFRP5, FZD4, and Fosl1 mRNAs were obtained using real-time PCR. After normalization to RPL13 mRNA levels, the coefficient of variation (CV) and the relative average deviation (d%) of each normalized Ct, and their relative expression levels, were calculated in each post-injury interval. Two methods were applied to compare the homogeneity of the three genes. First, each gene was given a score based on its CV value in each post-injury interval. Then, the sum of the 13 scores was calculated; a low sum indicated high homogeneity. Second, the 13 calculated CVs or d%s were used as raw data, which were described as the mean ± SD. Based on this mean ± SD, a CV of the CVs and a d% of the d%s were calculated to represent the variation; a low value indicated high homogeneity. The sum of the variability of FZD4 mRNA was lower than those of the SFRP5 and Fosl1 mRNAs, consistent with the results that the FZD4 mRNA had the lowest mean, the smallest CV of all CVs, and the smallest d% of all d%s, among the three genes. In conclusion, these data indicated that mRNA encoding membranous FZD4 was likely to be more homogeneous than those encoding SFRP5 and Fosl1 within post-injury intervals.

PMID: 27497723 [PubMed - indexed for MEDLINE]

The accuracy of body mass prediction for elderly specimens: Implications for paleoanthropology and legal medicine.

J Forensic Leg Med. 2016 Oct;43:102-9

Authors: Chevalier T, Lefèvre P, Clarys JP, Beauthier JP

Abstract
Different practices in paleoanthropology and legal medicine raise questions concerning the robustness of body mass (BM) prediction. Integrating personal identification from body mass estimation with skeleton is not a classic approach in legal medicine. The originality of our study is the use of an elderly sample in order to push prediction methods to their limits and to discuss implications in paleoanthropology and legal medicine. The aim is to observe the accuracy of BM prediction in relation to the body mass index (BMI, index of classification) using five femoral head (FH) methods and one shaft (FSH) method. The sample is composed of 41 dry femurs obtained from dissection where age (c. 82 years) and gender are known, and weight (c. 59.5 kg) and height are measured upon admission to the body leg service. We show that the estimation of the mean BM of the elderly sample is not significantly different to the real mean BM when the appropriate formula is used for the femoral head diameter. In fact, the best prediction is obtained with the McHenry formula (1992), which was based on a sample with an equivalent average mass to that of our sample. In comparison, external shaft diameters, which are known to be more influenced by mechanical stimuli than femoral head diameters, yield less satisfactory results with the McHenry formula (1992) for shaft diameters. Based on all the methods used and the distinctive selected sample, overestimation (always observed with the different femoral head methods) can be restricted to 1.1%. The observed overestimation with the shaft method can be restricted to 7%. However, the estimation of individual BM is much less reliable. The BMI has a strong impact on the accuracy of individual BM prediction, and is unquestionably more reliable for individuals with normal BMI (9.6% vs 16.7% for the best prediction error). In this case, the FH method is also the better predictive method but not if we integrate the total sample (i.e., the FSH method is better with more varied BMI). Finally, the estimation of the mean BM of a sample can be used with more confidence compared to the estimation of individual BM. The former is very useful in an evolutionary perspective whereas the latter should be used in keeping with the information gathered on the studied specimen in order to reduce prediction errors. Finally, the BM estimation can be a parameter to consider for personal identification.

PMID: 27497725 [PubMed - indexed for MEDLINE]

Determination of sex from the patella in a contemporary Spanish population.

J Forensic Leg Med. 2016 Nov;44:84-91

Authors: Peckmann TR, Meek S, Dilkie N, Rozendaal A

Abstract
The skull and pelvis have been used for the determination of sex for unknown human remains. However, in forensic cases where skeletal remains often exhibit postmortem damage and taphonomic changes the patella may be used for the determination of sex as it is a preservationally favoured bone. The goal of the present research was to derive discriminant function equations from the patella for estimation of sex from a contemporary Spanish population. Six parameters were measured on 106 individuals (55 males and 51 females), ranging in age from 22 to 85 years old, from the Granada Osteological Collection. The statistical analyses showed that all variables were sexually dimorphic. Discriminant function score equations were generated for use in sex determination. The overall accuracy of sex classification ranged from 75.2% to 84.8% for the direct method and 75.5%-83.8% for the stepwise method. When the South African White discriminant functions were applied to the Spanish sample they showed high accuracy rates for sexing female patellae (90%-95.9%) and low accuracy rates for sexing male patellae (52.7%-58.2%). When the South African Black discriminant functions were applied to the Spanish sample they showed high accuracy rates for sexing male patellae (90.9%) and low accuracy rates for sexing female patellae (70%-75.5%). The patella was shown to be useful for sex determination in the contemporary Spanish population.

PMID: 27690337 [PubMed - indexed for MEDLINE]

Darkness as factor influencing the oviposition delay in Calliphora vicina (Diptera: Calliphoridae).

J Forensic Leg Med. 2016 Nov;44:98-102

Authors: Bonacci T, Storino P, Scalercio S, Brandmayr P

Abstract
Many environmental and intrinsic factors (e.g. limited access to the body) can disrupt insect activity, causing a delay in the colonization of a corpse. These elements could hinder an accurate estimation of the minimum Post-mortem Interval (minPMI), raising questions about the limits of forensic entomology. Blow flies are considered mainly diurnal and relatively inactive at night, at extreme temperatures and in dark conditions. Data on their ability to lay eggs in darkness and in laboratory conditions are scarce. Oviposition by Calliphoridae during the day but in darkness has been documented in chimneys, cellars and cars. To investigate delays in oviposition in the dark we carried out laboratory experiments using plastic boxes containing Calliphora vicina Robineau-Desvoidy specimens placed in climatic chambers at different temperatures. We found that C. vicina laid eggs in complete darkness inside the plastic boxes, but later than the specimens inside the boxes in light conditions. We believe that oviposition can occur in dark indoor environments in conditions of optimal air temperature, gravid flies and an accessible corpse. However, when corpses are discovered in dark environments, entomologists should consider a significant delay in oviposition by blow flies in order to reduce errors in PMI estimation.

PMID: 27721180 [PubMed - indexed for MEDLINE]

Mathematical model in post-mortem estimation of brain edema using morphometric parameters.

J Forensic Leg Med. 2017 Jan;45:21-28

Authors: Radojevic N, Radnic B, Vucinic J, Cukic D, Lazovic R, Asanin B, Savic S

Abstract
Current autopsy principles for evaluating the existence of brain edema are based on a macroscopic subjective assessment performed by pathologists. The gold standard is a time-consuming histological verification of the presence of the edema. By measuring the diameters of the cranial cavity, as individually determined morphometric parameters, a mathematical model for rapid evaluation of brain edema was created, based on the brain weight measured during the autopsy. A cohort study was performed on 110 subjects, divided into two groups according to the histological presence or absence of brain edema. In all subjects, the following measures were determined: the volume and the diameters of the cranial cavity (longitudinal and transverse distance and height), the brain volume, and the brain weight. The complex mathematical algorithm revealed a formula for the coefficient ε, which is useful to conclude whether a brain edema is present or not. The average density of non-edematous brain is 0.967 g/ml, while the average density of edematous brain is 1.148 g/ml. The resulting formula for the coefficient ε is (5.79 x longitudinal distance x transverse distance)/brain weight. Coefficient ε can be calculated using measurements of the diameters of the cranial cavity and the brain weight, performed during the autopsy. If the resulting ε is less than 0.9484, it could be stated that there is cerebral edema with a reliability of 98.5%. The method discussed in this paper aims to eliminate the burden of relying on subjective assessments when determining the presence of a brain edema.

PMID: 27914998 [PubMed - indexed for MEDLINE]

Estimation of stature from radiographic measurement of foot dimensions: Truncated foot length may be more reliable than full foot length.

J Forensic Leg Med. 2017 Feb;46:53-57

Authors: Gwani AS, Salihu AT, Garba IS, Rufa'i AA

Abstract
Foot length has been shown to be a reliable dimension for estimation of stature. However, phalanges of the foot are very small bones and their length may not be proportional to a person's stature. Thus, we hypothesized that foot length measured excluding the phalanges, the truncated foot length, may be more reliable in stature estimation than full foot length. This study, therefore, aimed at comparing the accuracy of the regression equations derived from the truncated foot length and the full foot length. The study recruited a sample of 32 young adults (16 males and 16 females) aged from 20 to 35 years. Lateral radiographs of the right feet were obtained for each subject in a bilateral standing position while maintaining equal weight on both feet. Standing height of the participants was measured with a stadiometer. Truncated foot length and full foot length were measured on the lateral radiographs of the foot. Independent t-test was used to check for mean differences in the dimensions between genders. Linear regression analysis was used to determine the equations for stature estimation. Intra and inter-observer reliability were calculated from four precision estimates: absolute technical error of measurement (aTEM), relative technical error of measurement (rTEM), coefficient of reliability (Rr) and coefficient of variation (Cv). All the dimensions measured were significantly larger in males than females. Linear regression equations were derived for estimation of stature using both the truncated foot length and full foot length. The regression equations derived from truncated foot length have larger correlation coefficient, coefficient of determination, adjusted coefficient of determination as well as smaller standard error of estimation than those derived from full foot length. All the precision estimates showed that the measurement errors are within acceptable limits. This study suggests that even if the full foot length is available, excluding the phalanges may give more accurate stature estimation.

PMID: 28131011 [PubMed - indexed for MEDLINE]

[Estimation of postmortem interval using vitreous potassium levels in cases of fatal road traffic collision].

Arch Med Sadowej Kryminol. 2016;66(2):71-82

Authors: Foster SN, Smith PR, Biggs M, Rutty GN, Hollingbury FE, Morley SR

Abstract
AIM OF THE STUDY: To produce a formula that can accurately predict postmortem interval (PMI) based on vitreous potassium levels using road traffic collision fatalities.
MATERIAL AND METHODS: Vitreous humour samples were taken from 78 individuals who had died following road traffic collisions between 2010 and 2015. Samples were obtained from both eyes and were sent for on-site analysis. Measurement of potassium was by an indirect ion-specific electrode Siemens diagnostics ADVIA 2400 chemistry system. Exact time of death was known from police reports, the time of postmortem was recorded and the postmortem interval was calculated. Linear regression was then used to analyse the relationship between the two. The impact of age was also assessed.
RESULTS: PMI was between 6 and 162 hours. As vitreous potassium increases, the PMI also increases; exhibiting a linear relationship. This is illustrated by a regression equation of PMI = 6.42[K+] - 40.94, R = 0.67 (p < 0.001). This produced a formula closely comparable with three other studies proposed in previous literature and produces estimates that may exceed one calendar day. When both age and medical intervention are accounted for there is an insignificant improvement in prediction.
CONCLUSIONS: Validated methods have been used to produce a formula for prediction of PMI using vitreous potassium. Although this is specific to road traffic collisions, the methods are transferable and can be seen to be comparable with other recently published methods. Nonetheless, if greater levels of accuracy are required it is suggested that biomarkers delivering a higher level of precision should still be sought.

PMID: 28144928 [PubMed - indexed for MEDLINE]

SN 603: Vault 7

Security Now (MP3)

This week Steve and Leo discuss March's long-awaited Patch Tuesday, the release deployment of Google Invisible reCAPTCHA, getting more than you bargained for with a new Android smartphone, the new "Find my iPhone" phishing campaign, the failure of Wi-Fi anti-tracking, a nasty and significant new hard-to-fix web server 0-day vulnerability, what if your ISP decides to unilaterally block a service you depend upon, shining some much-needed light onto a poorly conceived end-to-end messaging application, two quick takes, a bit of errata and miscellany... and a look into what WikiLeaks revealed about the CIA's data collection capabilities and practices.

Hosts: Steve Gibson and Leo Laporte