Over 20 years, Russian pensioner Vladimir Ovchinnikov gained a following for his street murals in the small town of Borovsk, some 70 miles (115 km) southwest of Moscow, many of which depicted the plight of victims of Stalinist-era repressions.

But on March 25, just over a month after Russia sent tens of thousands of troops into Ukraine, Ovchinnikov created a new work, one that would place him in serious legal jeopardy.

He painted a girl, in a blue and yellow dress, the colours of the Ukrainian flag, with a bomb falling onto her from above. Beneath her, in block capitals, he wrote: “STOP”.

The mural fell afoul of new laws passed by the Russian government effectively criminalising opposition to the military campaign in Ukraine.

“The police said that this piece discredited our army”, Ovchinnikov, 85, told Reuters.

The mural was painted over and Ovchinnikov ordered to pay a 35,000 rouble ($554) fine for the new offence of “discrediting the Russian army”, which carries a maximum penalty of five years in prison.

In response, he painted a new piece, on the same spot, writing the word “bezumiye” (“craziness” in Russian), spelt with a Latin letter Z, which has become a symbol of what Moscow calls its special military operation in Ukraine. The police promptly painted over it.

It triggered a game of cat-and-mouse between Ovchinnikov and police in Borovsk, a town of 12,000 people

In place of the painted-over mural, he drew the words “pozor” (shame), “fiasco”, and “basta” (enough), each with a Latin Z. Each in turn was painted over by the police.

The Borovsk local administration did not respond to a request for comment.

For Ovchinnikov, opposition to the conflict in Ukraine is underpinned by a family history of Soviet-era repression. His grandfather was shot by Lenin’s Bolsheviks in 1919 and his father was arrested during Stalin’s purges in 1937.

He has drawn attention to Russia’s history of political repression as a motif in his art. In 2017, he persuaded local authorities to erect a monument to its victims – a stone taken from the Solovetsky islands in Russia’s far north, the site of the Soviet Union’s first Gulag prison camp.

“This topic of political repression and the closed nature of this topic, the wiping of historical memory, is one and the same thing as what is happening with Ukraine,” Ovchinnikov said.

Related Galleries:

The number of internet-facing cameras in the world is growing exponentially. Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives.

Original post at https://cybernews.com/security/millions-ip-cameras-exposed/

When you spy on your neighborhood or your cafe customers, do you wonder if someone is watching Big Brother – you, in this case?

Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network.

New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. After looking at 28 of the most popular manufacturers, our research team found 3.5 million IP cameras exposed to the internet, signifying an eightfold increase since April 2021.

While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies.

What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies. And while cosmetic security measures are in place, security leaders have long warned that technologies produced by Chinese companies can be exploited by China’s government.

Surge in internet-facing cameras

When we last did similar research, we discovered over 400,000 internet-facing cameras online. This time, the Cybernews research team found 3.5 million internet-facing cameras.

Since this is a convenient and cheap tool to surveil anything from a parking lot, a warehouse, your doorstep, or even monitor your child’s sleep using a baby camera, it’s not surprising to see a surge in IP camera usage.

While not surprising, the trend is worrying since internet-connected devices might be vulnerable to attacks – threat actors can gain access to the camera’s live feed, collect sensitive data, and launch further attacks on the network.

It is worrying that all analyzed brands have at least some models that allow users to keep default passwords or have no authentication setup whatsoever.

The reign of a Chinese brand

Most of the public-facing cameras we discovered are manufactured by the Chinese company Hikvision: the Cybernews research team found over 3.37 million of its cameras worldwide.

According to our researchers, they have the necessary security practice in place as they force users to create their unique passwords during an initial setup process. Nevertheless, the global popularity of Hikvision cameras has raised some eyebrows and, as is typical with China-manufactured technology, it and other companies are facing a backlash from Western governments.

Recently, the UK parliament instructed government agencies to cease the deployment of Chinese equipment, including surveillance cameras, on to sensitive sites, saying the technology is produced by companies subject to the National Intelligence Law of the People’s Republic of China.

Hikvision’s website advertised optional demographic profiling facial analysis algorithms, including gender, race, ethnicity, and age. Following an investigation by the Guardian, the ad was removed.

In November, the US Federal Communications Commission banned authorizations for Chinese telecommunications and video surveillance equipment, saying that Huawei, ZTE, Hytera, Hikvision, and Dahua are “deemed to pose a threat to national security.”

Most insecure brands

Most analyzed brands (96.44% of the discovered cameras) force users to set passwords or generate unique default passwords on the newest models and firmware versions. While this is a good trend, it doesn’t mean that all the cameras are safe since the lion’s share of these cameras is probably comprised of older models or those operating with outdated firmware using default or weak passwords.

Anyhow, this is a fundamental shift in the trend since last year, when we found that only 5.25% of analyzed cameras asked users to set their passwords.

As of today, 3.56% (127,000) of all analyzed cameras recommend changing the default password but do not enforce it. Sometimes, they don’t even mention it in the initial setup process, with the recommendation being on a blog post instead.

Even more concerning is that over 21,000 cameras did not have any authentication setup, allowing anyone to access them, leaving owners at risk of cyberattack.

According to the research, most public-facing cameras that might be using default credentials are operational in the United States, where we identified over 458,000 such devices.

Germany, which took second place in our research last year, covering over 50,000 cameras, didn’t even make it into the top 10 countries this time.

The second most affected country is Vietnam, with nearly 365,000 cameras, followed by the UK (nearly 250,000).

Visual here: Top 10 Countries with the most internet-connected cameras that could be using default credentials:

If you want to know how to secure your IP camera give a look at the original post published on CyberNews:

https://cybernews.com/security/millions-ip-cameras-exposed/

About the author: Jurgita Lapienytė, Chief Editor

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, IP cameras)

The post <strong>3.5m IP cameras exposed, with US in the lead</strong> appeared first on Security Affairs.

A small boat carrying migrants has sunk off the southeastern coast of England, killing some of those on board, the BBC reported on Wednesday.

Britain’s government and emergency officials confirmed that an incident was ongoing, with lifeboats, helicopters and rescue teams working with the French and British navies to respond to an event that occurred in freezing conditions at around 3:40 a.m.

“It’s understood there have been fatalities after a migrant boat sank in the Channel. This has not yet been confirmed by the authorities,” the BBC’s local reporter said on Twitter.

Temperatures have plunged across Britain in the last week, bringing snow to some parts of the country. The temperature was logged at 2 degrees Celsius (36 degrees Fahrenheit) in a nearby town.

“We are aware of an incident in UK waters and all relevant agencies are supporting a coordinated response,” a spokesperson for the government said. “Further details will be provided in due course.”

Small boats, often inflatable dinghies, travel regularly across the Channel carrying migrants from France to Britain.

More than 40,000 people, a record number, have arrived via the perilous journey this year, reigniting tensions between Britain and France.

Data compiled by the Missing Migrants Project showed 205 migrants had been recorded dead or missing in the English Channel since 2014.

In the worst recorded accident of its kind, 27 people died while attempting to cross the sea in an inflatable dinghy in November 2021.

The new incident comes a day after British Prime Minister Rishi Sunak unveiled plans to toughen the laws to stop the small boats crossing the Channel, including legislation to prevent migrants from remaining in the country.

Sunak said the government was sending a message that “enough is enough” and people were “right to feel angry” about repeated failures to tackle the issue.

Spanish authorities have taken action against a criminal gang suspected of laundering dirty money linked to the Magnitsky case, a 219 million euros ($233 million) corruption case in Russia, and have arrested one individual, the Europol international police body said on Wednesday.

Europol said the unnamed individual at the centre of the suspected money laundering scheme had been arrested in the Canary Islands. A total of 75 properties have been seized so far across Spain for a cumulative value of 25 million euros, added Europol.

($1 = 0.9396 euros)

A lei da concorrência e Preservação do Jornalismo, apresentada por democratas e republicanos no Congresso dos EUA, seria a primeira proposta a desafiar de forma fundamental o modelo de negócios das gigantes que das redes sociais, forçando-as a dar às grandes organizações jornalísticas uma parte da sua receita publicitária.

Enquanto os legisladores consideram a possibilidade de anexar a medida aos pacotes de gastos do final do ano, o Google e a Meta – que comanda Facebook, Instagram e WhatsApp – estão despejando dinheiro em duas mensagens aparentemente contraditórias na busca por derrotar o projeto.

A estratégia joga com as preocupações à esquerda e à direita quanto às redes sociais: segundo a mensagem, a JCPA, como a lei é conhecida por sua sigla em inglês, é simultaneamente uma proposta apoiada por progressistas para “silenciar vozes conservadoras” e uma iniciativa da extrema direita que financiará vozes pró-Trump consideradas fonte de “perigosa desinformação”.

A retórica exagerada era parte de uma campanha maior para impedir qualquer proposta de compartilhar a receita publicitária, a principal fonte de renda das empresas de redes sociais e de mecanismos de busca. A mensagem destinada a orquestrar a oposição republicana à JCPA é patrocinada pela NetChoice, e a mensagem que busca levantar a oposição democrata à JCPA é apoiada pela Associação da Indústria de Computadores e Comunicações, ou CCIA na sigla em inglês. As duas organizações são financiadas por Google e Meta, e servem para influenciar os congressistas e a opinião pública em nome das preocupações compartilhadas pelas duas megacorporações.

No início de dezembro, vazaram relatos de que apoiadores da JCPA – incluindo os senadores Amy Klobuchar, uma democrata do Michigan, o republicano John Kennedy, da Louisiana, o democrata Cory Booker, de Nova Jersey, e o republicano Chuck Grassley, do Iowa – tinham convencido os líderes do Senado a incluir o texto como parte da Lei de Autorização da Defesa Nacional, ou NDAA na sigla em inglês, um projeto abrangente que financia as forças militares. O projeto de lei foi aprovado pelo Comitê de Justiça do Senado em setembro.

A investida lobista, até aqui, tem sido bem-sucedida. O texto bicameral da NDAA, publicado no último dia 6, não inclui a JCPA, uma mudança que demonstrou a influência do Vale do Silício sobre as lideranças do Congresso.

Embora o caminho para utilizar a NDAA pareça fechado, quem apoia a JCPA espera por um acordo em potencial que inclua a legislação no pacote de gastos que o Congresso vai discutir neste mês.

A JCPA, que teve como modelo uma nova lei australiana de 2021, proporcionaria uma isenção legal às regras antitruste, permitindo que os veículos de mídia negociassem coletivamente com as plataformas do Vale do Silício, em busca de uma fatia das receitas publicitárias que eles ajudam a gerar.

Os defensores argumentam que o domínio do Google e do Facebook sobre a indústria de publicidade online dizimou o modelo de negócios tradicional dos veículos de notícias. Enquanto as companhias de redes sociais têm lucros de bilhões de dólares, a indústria de notícias viu a destruição de mais de 70 publicações diárias e mais de 2 mil veículos semanais desde 2004. Uma pesquisa do Paw Research Center, feita antes da pandemia, descobriu que as redações americanas tinham fechado 30 mil postos de trabalho desde 2008, um número que provavelmente cresceu nos últimos dois anos.

O argumento em prol do JCPA também aponta para o relativo sucesso do modelo australiano, que levou à distribuição de 200 milhões de dólares australianos entre veículos de notícias. Muitas publicações, grandes e pequenas, relataram que obtiveram sucesso graças ao acordo, incluindo o The Guardian, que ampliou sua redação na Austrália em 50 jornalistas após negociar um acordo com as plataformas de redes sociais.

Um ponto de discórdia diz respeito a quais tipos de veículos se qualificariam para participar da negociação coletiva, e como essas negociações poderiam impactar o conteúdo editorial. Durante o debate do comitê do Senado a respeito do projeto de lei, o senador republicano Ted Cruz, do Texas, conseguiu acrescentar provisões de que “a isenção antitruste será apenas para discussões sobre valores, excluindo explicitamente quaisquer discussões ou acordos entre as gigantes de tecnologia e os veículos de mídia que digam respeito à moderação de conteúdo”, de acordo com um comunicado de seu gabinete.

A lei australiana permitiu negociações para veículos grandes e estabelecidos, e também para algumas editoras menores. Nelson Yap, editor do Australia Property Journal, observou em um e-mail ao Intercept que sua publicação pôde se juntar a um grupo de 24 pequenas editoras locais para negociar um acordo com o Google, o que ajudou seu veículo a expandir sua equipe de notícias. A Meta, no entanto, recusou-se a negociar com o grupo de pequenos editores australianos.

A indústria de tecnologia teme que o modelo australiano venha a se espalhar por outras partes do mundo. Um projeto de lei semelhante está sendo debatido no Canadá.

Além dos anúncios de televisão da NetChoice e da CCIA, a notícia de que o NDAA poderia incluir a lei de negociação com os veículos de notícias acendeu os alarmes em uma série de organizações de esquerda e direita financiadas pela indústria tecnológica, atacando o projeto como uma iniciativa equivocada.

A Câmara do Progresso, um grupo de comércio bancado por Google e Meta para influenciar progressistas, advertiu que a JCPA supostamente distribuiria sete vezes mais receitas aos veículos conservadores do que à mídia local. O Instituto R Street, que recebe financiamento do Google, apareceu no programa de rádio do Breitbart News para alertar que a JCPA só ajudará “grandes conglomerados de mídia” às custas de pequenos veículos conservadores.

Uma carta divulgada no dia 5 por organizações financiadas por empresas de tecnologia, incluindo a NetChoice, o Instituto Copia e a Câmara do Progresso, afirmou que a JCPA vai “aumentar a quantidade de desinformação, discurso de ódio e assédio em rede”.

“Eu acho que é muito astroturf”, disse Jon Schweppe, diretor de política e assuntos governamentais do Projeto Princípios Americanos, um grupo de vigilância de direita que adverte contra a influência da indústria tecnológica. “Esses caras, as grandes empresas de tecnologia, são brilhantes em fazer discurso duplo para os dois lados ao mesmo tempo”.

Andy Stone, um porta-voz da Meta, disse em uma declaração escrita que sua empresa seria “forçada a considerar a remoção de notícias” do Instagram e do Facebook em vez de se submeter a negociações de receita com editores de notícias.

A ameaça repete o debate em torno da lei australiana. Na época em que ela era discutida, o Google alegou que a proposta da Austrália “quebraria” seu serviço de busca, e o Facebook também ameaçou sair do país e banir links para sites de notícia australianos. O Google alegou até mesmo que a proposta “poderia levar a que seus dados fossem entregues a grandes empresas de notícias”.

No fim, a indústria da tecnologia recuou. Após uma breve suspensão, o Facebook voltou à Austrália e, juntamente com o Google, participou de negociações com os editores.

“Como estamos vendo com a JCPA, a Austrália também viveu uma grande propaganda das gigantes de tecnologia contra sua lei de negociação com a mídia”, disse Emma McDonald, assessora sênior de políticas da Fundação Minderoo, uma organização filantrópica australiana que apoiou a lei.

“Facebook e Google têm tirado proveito de graça dos veículos de mídia há anos. A legislação aborda o desequilíbrio nas negociações e faz as gigantes de tecnologia pagarem sua parte”, acrescentou McDonald. “A lei tem funcionado na Austrália e não há razão para não funcionar nos EUA. As pequenas publicações negociaram coletivamente com o Google e conseguiram um bom acordo”.

Tradução: Maíra Santos

The post Google e Facebook fazem lobby com esquerda e direita para não dividir lucros com a mídia appeared first on The Intercept.

RABAT (Reuters) -Morocco’s national airline said it was cancelling all flights it had scheduled for Wednesday to carry fans to Doha for the World Cup semi-final, citing what it said was a decision by Qatari authorities.

“Following the latest restrictions imposed by the Qatari authorities, Royal Air Maroc regrets to inform customers of the cancellation of their flights operated by Qatar Airways,” the airline said in an emailed statement.

The Qatari government’s international media office did not immediately respond to requests for comment.

Royal Air Maroc had previously said it would lay on 30 additional flights to help fans get to Qatar for Wednesday night’s semi-final game against France but on Tuesday a source at a RAM travel agency said only 14 flights had been scheduled.

The cancellation of Wednesday’s seven scheduled flights means RAM was only able to fly the seven flights on Tuesday, leaving fans who had already booked match tickets or hotel rooms unable to travel.

RAM said it would reimburse air tickets and apologised to customers.

The RAM spokesperson did not immediately respond to Reuters request for comment. Qatar Airways did not immediately respond to Reuters request for comment.

United Airlines

• Air travel website AirHelp released this year’s ranking of the world’s top airlines. 
• Qatar Airways was crowned the best airline of 2022, beating out 63 airlines.
• United Airlines ranked second in the list, and was one of two US airlines to make the top 10.

Travel website AirHelp ranks the world’s best airlines on three metrics: on-time performance, customer opinion, and claims processing.A flight attendant aboard United Airlines.

Contributor/Getty Images

Launched in 2015 by German claims-management company AirHelp, AirHelp Score is an annual ranking of the world’s top airlines.

These airlines are evaluated based on three criteria — on-time performance, customer opinion, and claim processing — and are scored on a 10-point scale. Each criterion makes up a third of the final score. 

‘On-time performance’ measures the percentage of an airline’s flights that arrive within 15 minutes of their published arrival time. 

‘Customer opinion’ assesses what passengers think of the airline’s quality of service based on five factors: cabin crew, aircraft comfort, aircraft cleanliness, food offering, and onboard entertainment. Passengers provided a score of between one and five for each factor. 

‘Claim processing’ refers to how efficiently an airline handles claims and settles payouts. AirHelp cited its own data for this criterion. 

“AirHelp has found that combining these three categories provides a well-rounded view of airlines’ performances throughout the year,” Tomasz Pawliszyn, the company’s CEO, told Insider in an email.

AirHelp explained in its methodology brief that it took into account a total of 805 airlines around the world, but only included 64 of the largest airports in terms of passenger numbers and “popularity.” AirHelp also said that it excluded airlines for which it was unable to procure data. For 2022’s ranking, the company collected data between January 1 and October 31. 

Take a look at the 10 airlines that were ranked the best in the world this year by AirHelp. Entrants are arranged in ascending order according to their final scores.

10. Austrian Airlines (AUA)A pair of Austrian Airlines aircraft on a runway.

Nicolas Economou/NurPhoto via Getty Images

Overall: 7.67 

On-time performance: 8

Customer opinion: 7.9

Claim processing: 7.1

Austrian Airlines is rated four-stars by Skytrax, a UK-based aviation ratings site. It has mixed passenger reviews on the review site, with an average score of five out of 10. One traveler who flew with the airline in December said “staff were very friendly,” and the airline was “well-organized.”

Other passengers, however, said they had a different experience.

A traveler from the Netherlands said Austrian Airlines “refused to book a direct flight for him” in October after the airline’s delayed flight caused him to miss his connecting flight. Another traveler from the US said the airline had the “worst customer service” and that ground personnel were “so rude.”

 

9. Japan Airlines (JAL)A pair of Japan Airlines aircraft on a runway.

Markus Mainka/Shutterstock

Overall: 7.74

On-time performance: 8.9

Customer opinion: 8.9

Claim processing: 5.3

Japan Airlines is rated five stars by Skytrax. The airline is especially known for its long-haul first- and economy classes.

Passengers rated the airline an average of seven out of 10 on Skytrax’s review site. A traveler from Malaysia, who flew on the airline in November, said the flight exceeded his expectations with the “amazing” service. Another passenger from the UK who traveled on business class in October said the Wagyu steak he was served on the flight was “delicious.”

8. American Airlines (AAL)An American Airlines aircraft flying above a row of trees.

Getty Images

Overall: 7.74

On-time performance: 7.7

Customer opinion: 8

Claim processing: 7.5

American Airlines is rated three stars by Skytrax. The airline has an average rating of two out of 10 on Skytrax’s customer review site. 

A traveler, who flew on the airline in December described their trip as a “very positive experience.” On the other hand another passenger, who also traveled with the airline in the same month, said the customer service was “horrible,” and that a staff member had snapped at them.

7. China Airlines (CAL)A China Airlines aircraft flying in the sky.

KITTIKUN YOKSAP/Shutterstock.com

Overall: 7.76

On-time performance: 7.8

Customer opinion: 7.9

Claim processing: 7.6

China Airlines has a four-star rating on Skytrax. The airline has an average passenger rating of six out of 10 on Skytrax’s customer review site. 

A passenger from New Zealand who flew on the airline in December said that their trip was “excellent” and that the cabin crew were attentive. Another traveler from Canada who flew on premium economy said they had “no complaints about the food” and the flight attendants were “polite and helpful.”

6. Eurowings (EWG)A Eurowings Airbus A320 aircraft taking off.

INA FASSBENDER/AFP/Getty

Overall: 7.92

On-time performance: 7.5

Customer opinion: 7.6

Claim processing: 8.7

Eurowings is rated a three-star airline by Skytrax and is described as “low-cost” carrier. It has an average passenger rating of three out of 10 on Skytrax’s customer review site. 

A traveler who flew on the airline in November said it was “overcrowded,” while another passenger who traveled in October said the airline was a “joke” and they had to spend hours calling customer service before getting connected.

5. Latam Airlines (LAN)A Latam Airlines aircraft cruising in the sky.

Fabrizio Gandolfo/SOPA Images/Getty

Overall: 7.95

On-time performance: 8.6

Customer opinion: 8.1

Claim processing: 7.1

Latam Airlines is rated three stars by Skytrax. It has an average score of three out of 10 on Skytrax’s passenger review site. 

A traveler from the US who flew on the airline in December said they had a “horrible experience” with the airline, while another passenger who traveled in November said the airline had a “severe lack of customer service.”

On the other hand, a passenger who flew with the airline in April said the airline’s staff “went above the call of duty” and were “extremely helpful.”

4. Etihad Airways (ETD)An Etihad Airways aircraft flying in the sky.

Boeing

Overall: 7.98

On-time performance: 8.1

Customer opinion: 8.7

Claim processing: 7.2

Etihad Airways is rated a four-star airline by Skytrax. It has an average rating of four out of 10 on Skytrax’s passenger review site. 

A passenger who traveled on Etihad in December said the airline on economy served “horrible food.” Another traveler from Australia, who flew on the airline in November, said they will “never fly” it again after not being able to upgrade their class.

On the contrary, a traveler who flew the airline in November said its first class was “outstanding, formal, and professional.”

3. Qantas Airways (QFA)A Qantas aircraft at Sydney Airport.

Getty Images

Overall: 8.02

On-time performance: 7.1

Customer opinion: 8.3

Claim processing: 8.7

Qantas is rated four stars by Skytrax. It has an average rating of six out of 10 on Skytrax’s passenger review site. 

A traveler who flew on the airline in December said they experienced “excellent service” and that they enjoyed the “comfy seat.” Another passenger from the UK, who traveled on the airline in the same month, lauded the “good wines and food” and “nice, attentive crew.”

2. United Airlines (UAL)A United Airlines aircraft cruising in the sky.

United Airlines

Overall: 8.07

On-time performance: 7.9

Customer opinion: 7.9

Claim processing: 8.4

United Airlines has a three-star rating on Skytrax. It has an average rating of three out of 10 on Skytrax’s customer review site.

A passenger, who traveled on the airline in December, said the airline’s cleanliness was subpar as they “found a piece of bread in a box with butter all green with mold” under his seat. Another traveler, who flew in the same month, said the catering was “terrible.”

On the other hand, a passenger who flew in November, said they had a better experience, as the airline had a “good selection”of entertainment, free wine, and friendly flight attendants.

 

1. Qatar Airways (QTR)A Qatar Airways’ Boeing 777 aircraft in the special FIFA livery.

Qatar Airways

Overall: 8.11

On-time performance: 7.6

Customer opinion: 8.9

Claim processing: 7.8

Qatar Airway is rated five stars by Skytrax. The airline has an average rating of seven out of 10 on Skytrax’s customer review site.

A passenger from Germany, who traveled on the airline in December, said the business class provided “first class service” and the cabin crew were “on the ball.”

Another traveler, who flew on economy, said their flight was “very spacious and comfortable.”

Source link

The post Russians strike coastal area in Mykolaiv region appeared first on Ukraine Intelligence.

From the lush Amazon rainforest to the frigid Arctic Ocean, the world’s landscapes — and all the wildlife they contain — are under threat, and the world needs to set aside a third of all land and sea territories to save them, U.N. experts say.

The call is central to the global agreement being hashed out this month at the U.N. biodiversity summit in Montreal. If approved at the end of the summit next week, governments would be agreeing to set aside 30% of their land and sea territories for conservation by 2030 – doubling the amount of land area and more than tripling the ocean territory currently under conservation.

More than 110 countries have come out in support of the 30-by-30 goal, including Canada, the United States and France.

Proponents argue that the goal is crucial to reversing the destruction of nature. Currently, more than 1 million species are at risk of extinction, while the global insect population declines at up to 2% every year and about 40% of the world’s remaining plant species are in trouble.

But as is often the case with science-based policy, the details matter to whether a 30% global conservation goal can truly save the world’s imperiled species and places.

“The danger, as with all these sorts of events populated by politicians, is they want a simple number,” said Stuart Pimm, a biologist at Duke University. “They would like to be able to leave Montreal and say we’re going to protect 30% of the planet. But that alone is not enough.”

This driving question ultimately comes down to quantity versus quality.

There is not a strong scientific argument behind 30% as the threshold for staving off species loss, experts said. In reality, it could take a much greater percentage of land or sea — or a lower percentage — depending which areas are selected.

“30% is neither necessary nor sufficient,” Pimm said. “If we do things the right way, we protect most biodiversity by being smart — by protecting the areas that matter.”

There is a temptation, he said, to conserve vast tracts of land that are already without many people, but also have relatively little biodiversity, such as the Arctic tundra or Saharan desert.

But it is important to protect areas with lots of different species, known as biodiversity hot spots, even if they are more challenging to conserve because people live there or there are extractive industries.

Protecting narrow slices of land and sea such as Australia’s Great Barrier Reef or the Andes mountains, can offer far more reward than protecting large swathes of prairie, for example.

“A numerical target isn’t going to work,” Pimm said. “If we were to just protect 50% of the planet, and we protect the least populated 50%, it will do very little for biodiversity.”

A June 2022 study in the journal Science found that at least 44% of global land area would be needed to protect areas with a high diversity of species, prevent the loss of intact ecosystems, and optimize the representation of different landscapes and species. But more than 1.8 billion people live in these areas.

However, co-author Hugh Possingham, a researcher at the University of Queensland, noted that “while there is nothing magical about 30% … targets help focus the attention of nations.”

“I see 30% as a goal that most countries can reasonably achieve by 2030,” he said, adding some countries, such as Bhutan, had already passed this goal.

One of the key tension points that has emerged in the 30-by-30 debate at COP15 is whether the target should be carried out globally or at a national level.

It is an important distinction, scientists and negotiators said. Some countries are small, without much land to set aside for nature. Others are vast and still contain a high degree of biodiversity, such as tropical forest nations like Brazil and Indonesia. Were such countries to protect only 30% of their territories, that could actually result in a significant loss of nature.

“Some ecosystems are more diverse and more fragile,” Possingham said. “Places like the Amazon need much greater fractions than 30% to conserve their biodiversity — and maintain ecosystem functions that stabilize the planet’s climate.”

Currently, just under 50% of the Amazon is under some form of official protection or indigenous stewardship, so a national pledge to conserve 30% would represent a significant downgrade.

The other dispute plaguing 30-by-30 is over what should count as protection. Some countries might allow people to live within protected areas or promote indigenous stewardship of these lands. Some might even allow for extractive industries to operate under permits and regulation. In other cases, conservation areas are off limits to everyone.

The European Union has proposed allowing activities like logging, mining and fishing to be carried out under conservation management for 20% of protected areas, while 10% would be held under stricter protections.

The idea caused environmental nonprofit Greenpeace to accused the EU last week of trying to water down language on 30-by-30, which the EU denied.

“Whatever activity is eventually happening in those areas, it should not harm biodiversity and the functioning of the ecosystem,” said Ladislav Miko, a special biodiversity envoy from the Czech Republic with the European Commission, at a news conference last week.

Read more:

EXPLAINER-Why did past targets to protect nature fail over the last decade?

GRAPHIC-How daredevil drones find nearly extinct plants hiding in cliffs

Related Galleries:

VMware fixed three flaws in multiple products, including a virtual machine escape issue exploited at the GeekPwn 2022 hacking competition.

VMware addressed three vulnerabilities in multiple products, including a virtual machine escape flaw, tracked as CVE-2022-31705, that was exploited at the GeekPwn 2022 hacking competition.

A working exploit for the CVE-2022-31705 vulnerability was demonstrated by Ant Security researcher Yuhao Jiang during the Geekpwn, a hacking contest run by the Tencent Keen Security Lab.

The CVE-2022-31705 vulnerability (CVSSv3 base score of 9.3) is a heap out-of-bounds write issue in the USB 2.0 controller (EHCI).

“VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI)” reads the advisory published by the virtualization giant. “A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.”

The company also addressed a command injection and directory traversal security vulnerabilities, respectively tracked as CVE-2022-31702 and CVE-2022-31703, impacting the VMware vRealize Network Insight (vRNI) solution. Below are the details for the flaws:

• VMware vRealize Network Insight (vRNI) command injection vulnerability (CVE-2022-31702) – “vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API.” states the advisory. “A malicious actor with network access to the vRNI REST API can execute commands without authentication.”

• VMware vRealize Network Insight (vRNI) contains a directory traversal vulnerability (CVE-2022-31703) – “vRealize Network Insight (vRNI) directory traversal vulnerability in vRNI REST API.” reads the advisory. “A malicious actor with network access to the vRNI REST API can read arbitrary files from the server.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, VMware)

The post VMware fixed critical VM Escape bug demonstrated at Geekpwn hacking contest appeared first on Security Affairs.