The agency best known for delivering mail has a side hustle in online snooping.
Pop quiz: Which federal agency runs a social media surveillance unit known as the Internet Covert Operations Program (iCOP)?
If you guessed the FBI, the CIA, or the Department of Homeland Security—sorry. This one belongs to the U.S. Postal Service (USPS). And through it, postal inspectors have been monitoring social media platforms about U.S. protests, using tools that include a facial recognition database.
That the agency best known for delivering mail has a side hustle in online snooping took a lot of people by surprise when it was reported in April by Yahoo! News, which obtained a March 16 "Situational Awareness Bulletin" about iCOP operations. The bulletin mentioned that U.S. Postal Inspection Service (USPIS) agents monitoring Facebook, Parler, Twitter, and Telegram had noticed "significant activity regarding planned protests occurring internationally and domestically" as part of a rally for freedom and democracy.
"The iCOP program protects the Postal Service and the public by facilitating the identification, disruption, and dismantling of individuals and organizations that use the mail or USPS online tools to facilitate black market Internet trade or other illegal activities," the USPIS 2019 annual report explains. "Analysts in iCOP utilize USPS systems and tools to provide open source intelligence and cryptocurrency blockchain analysis in support of all Inspection Service investigations." Cases cover "narcotics, mail theft, revenue fraud, homicide, dangerous mail, and more."
As part of iCOP, USPIS agents "assume fake identities online, use sophisticated intelligence tools and employ facial recognition software," Yahoo!'s Jana Winter reported this year. These tools include Clearview AI's facial recognition database, which contains more than 3 billion images scraped from social media and other public websites, and Zignal Labs' real-time keyword search software.
Information from iCOP analysts was distributed through Homeland Security fusion centers to a wide array of law enforcement units and government authorities, as well as stored for future access. "The retention and dissemination of these reports could allow federal agencies to receive information they are not allowed by statute to collect themselves," Winter suggested.
Although the USPS has disclosed the program's existence in its annual reporting, this spring's revelations caused an uproar from some congressional Republicans, who expressed concern about iCOP's professed monitoring of "right-wing leaning Parler and Telegram accounts." The program "raises serious questions about the federal government's ongoing surveillance of, and encroachment upon, Americans' private lives and discourse," wrote 30 GOP members of Congress in an April 22 letter to Postmaster General Louis DeJoy.
"The type of amorphous, broad mandate under which iCOP is allegedly operating is particularly troubling because it is unclear why the USPS, of all government agencies and the only one devoted to the delivery of Americans' mail, is taking on the role of intelligence collection," the letter continued. "The United States is not lacking in its availability of intelligence agencies, and it should be left to those professionals to engage in this sort of behavior, if it is even necessary at all."
Rep. Matt Gaetz (R–Fla.) has introduced a bill—co-sponsored by nine Republicans—to prohibit USPIS funds from being used for the iCOP program.
On April 28, Chief Postal Inspector Gary R. Barksdale testified about the program before members of the House Committee on Oversight and Reform. He said it launched in 2017 to help detect mailed opioids and firearms but had morphed in May or June 2020 to monitoring the internet for information about potential threats to USPS leaders, staff, or facilities. "No audits of iCOP have occurred to date, but USPS is looking at governance issues," said a committee press release about the briefing.
Not everyone was satisfied by the answers Barksdale offered. He "was unprepared to answer our questions to the point of incompetence," Rep. Nancy Mace (R–S.C.) wrote in the Washington Examiner after the briefing. "Barksdale couldn't tell us…how much taxpayers were paying to run it, or even what legal authority the post office had to spy on the public's social media activities."
This time, Denuvo doesn't appear to be the culprit... entirely.
Over the weekend, the PC version of May 2021's Resident Evil 8: Village was apparently cracked and uploaded to various piracy depositories. In sadly unsurprising news, as with at least a few other cracked PC games in recent years, this scene release came with a bonus that's currently only available to freeloaders: improved performance.
The game's cracked version, credited to the release group Empress, includes an "NFO" text file that cites two distinct antipiracy prevention measures: "Denuvo V11" and "Capcom Anti-Tamper V3." While the NFO text includes its fair share of anti-Denuvo language, the Empress author's technical breakdown of the crack says both systems working in concert are to blame:
"All in-game shutters [sic] like the one from when you kill a zombie are fixed because Capcom DRM's entry points are patched out so most of their functions are never executed anymore. This results in much smoother game experience. THIS IS PURE CANCER AND ANYONE WHO ACCEPTS THIS IS NOTHING BUT A PATHETIC GARBAGE HUMAN SLAVE!"
The messaging continues with a key clarification: Capcom's DRM was "fully obfuscated" in a Denuvo virtual machine, thus making the game "run even slower."
While Ars Technica is—for obvious reasons—not in a position to perform comprehensive tests of RE8:V's cracked version, we have independently verified that the Empress release solves at least one infamous issue with the existing retail version: frame-time spikes.
Ars has seen like-for-like scenarios played out on RE8:V's retail and cracked versions on the same midgrade gaming PC with a RivaTuner Statistics Server (RTSS) performance graph turned on. The retail version includes easily reproducible scenarios where attacking an advancing zombie with a gun—something you do quite often in Resident Evil games—can trigger a visible on-screen stutter. In other words, the image freezes for a noticeable moment before the game catches up, and this can be seen in RTSS's real-time graph as a spike. The same spikes don't appear when the same save file is loaded on the game's cracked version.
Whether either version enjoys a lead in other performance metrics is unclear, and performance can obviously vary based on hardware, drivers, and other factors. But the aforementioned testing scenario was run on both versions of the game in 1080p resolution, an environment better suited to reveal CPU-bound performance limits, and the cracked version showed, at least in the limited tests we reviewed, a better distribution of its CPU workload across a 12-thread chip.
Previously, DRM providers like Denuvo have loudly admitted to the seeming inevitability that cracks appear on a per-game basis. "Given the fact that every unprotected title is cracked on the day of release—as well as every update of games—our solution made a difference," Denuvo's marketing director said in 2017. Coincidentally, this admission came in the case of Resident Evil 7, the last mainline entry in Capcom's long-running horror series, whose Denuvo scheme was cracked less than a week after the game's retail launch.
Whatever Capcom and Denuvo worked up this time around seems to have evaded crackers' efforts for much longer. That may have come at the price of guaranteed smooth performance—with gaming analysts like Digital Foundry's Alex Battaglia maligning the game's PC version. "This stuttering honestly leaves a very bad first impression for this game, as the pivotal moment of a first-person game with guns is shooting those guns," Battaglia said shortly after RE8:V's May 2021 launch. "If that is unsatisfying very often when you do it, then the game is doing something wrong."
Still, Denuvo has done enough work in recent years to rule out the obvious assumption that its DRM instantly results in reduced PC performance. Hence, we made sure to get an independently verified test result before moving forward, even if it might mean certain PC hardware combinations may work better with Capcom's existing retail version.
Judgments, last or otherwise
Capcom, like other gaming publishers, has eventually updated some of its PC games with Denuvo-free versions. In Capcom's case, though, that usually doesn't happen until the game in question has reached the end of its update life cycle, particularly in terms of post-launch DLC packs. As of press time, RE8:V still has unreleased DLC in the works. Capcom representatives did not immediately answer Ars' questions about whether RE8:V's PC version may receive a quicker path to such an update thanks to this week's Empress crack.
A weird, stuttering, DRM-laden PC game might very well be better than no PC version at all, and that fact came up on Monday when Japanese gamemaker and publisher Sega made the news for a PC-related complication of its own. Its Judgment gaming series, a critically acclaimed spinoff of Yakuza, might not continue after the sequel Last Judgment launches later this year. The issue, according to reports, is that one real-life actor's talent agency refuses to agree to terms that would bring the series to PC platforms like Steam.
Capture cards, input hardware, and machine learning get around system-level lockdowns.
When it comes to the cat-and-mouse game of stopping cheaters in online games, anti-cheat efforts often rely in part on technology that ensures the wider system running the game itself isn't compromised. On the PC, that can mean so-called "kernel-level drivers" which monitor system memory for modifications that could affect the game's intended operation. On consoles, that can mean relying on system-level security that prevents unsigned code from being run at all (until and unless the system is effectively hacked, that is).
But there's a growing category of cheating methods that can now effectively get around these forms of detection in many first-person shooters. By using external tools like capture cards and "emulated input" devices, along with machine learning-powered computer vision software running on a separate computer, these cheating engines totally circumvent the secure environments set up by PC and console game makers. This is forcing the developers behind these games to look to alternate methods to detect and stop these cheaters in their tracks.
Data allegedly sold individually or through weekly or monthly subscriptions.
Federal prosecutors and attorneys on Friday charged a man with securities fraud for allegedly selling insider stock information on the dark web site AlphaBay. The defendant also sold information through multiple criminal marketplaces and through an encrypted messaging platform.
In an indictment filed in federal court in the Southern District of New York, Department of Justice prosecutors alleged that Apostolos Trovias, 30, of Athens, Greece, created an account on AlphaBay in 2016 and used it to advertise and sell stock tips until the dark web criminal marketplace was shut down the following year. Prosecutors said that using the pseudonym “The Bull,” Trovias sold the tips both individually and as weekly or monthly subscriptions, using Bitcoin to receive payments.
“Behind the veil of the Dark Web, using encrypted messaging applications and emails, Trovias created a business model in which he sold—for profit—proprietary information from other companies, stock trading tips, pre-release earnings, and other inside information, as we allege,” FBI Assistant Director William F. Sweeney Jr. said in Friday’s news release. “The FBI operates within the Dark Web too, and as Trovias learned today, we don't stop enforcing the law just because you commit federal crimes from behind a router with your keyboard.”
According to both the Justice Department and the US Securities and Exchange Commission—which also charged Trovias in a civil complaint on Friday—the Greek national misappropriated earnings reports from various companies, along with other company communications, before they were publicly released.
During the seven months Trovias was on AlphaBay, he allegedly completed at least 45 transactions, including the sale of “dozens” of individual tips and around a half-dozen weekly and monthly plans. Prices allegedly ranged from about $29.95 per tip to $329.95 for a monthly subscription. He also stands accused of selling at least one pre-release earnings report from a publicly traded company for about $5,000.
Once AlphaBay shut down, Trovias allegedly moved to another crime forum called Dream Market. Prosecutors said that from 2017 to last year, Trovias also used encrypted messaging and email services to sell insider information directly to purchasers. Last year, he allegedly took steps to create a website to facilitate insider tip sales. He planned to charge membership fees and commissions from individuals, prosecutors said. SEC attorneys also alleged he used a different dark web site called Nightmare Market.
“During his chats with the FBI agents, Trovias suggested that he would recruit insiders to auction material, nonpublic information on the site, acting as an escrow agent for the sellers and purchasers,” the SEC attorneys wrote. “In August 2020, Trovias suggested an in-person meeting with the two undercover FBI agents to further discuss establishing the Tor website.”
According to a criminal complaint filed in February, stocks Trovias is accused of selling insider information about include MobileIron, Inc., PTC Therapeutics, Inc., Illumina, Inc., and Analogic Corporation. None of those companies are accused of wrongdoing.
Investigators identified Trovias by allegedly sending him payments and using blockchain analysis to monitor the digital wallets that received them. Prosecutors claimed one of the wallets was linked to a payment card Trovias used.
The defendant was charged with one count of securities fraud and one count of money laundering. The securities fraud count carries a maximum penalty of 25 years in prison, and the money laundering count carries a maximum penalty of 20 years in prison. Attempts to reach Trovias for comment weren’t immediately successful.
Security researchers have uncovered a new malware strain that uses the popular OBS Studio live-streaming app to record and broadcast the screen of its victims to attackers.
The Security Service of Ukraine (SSU) on Thursday reported that Ukrainian law enforcement has pulled the plug on a clandestine cryptocurrency mining farm in the city of Vinnytsia. The perpetrators had set up camp in an old warehouse and stealthily tapped into the city's power grid to mine cryptocurrency. Most interestingly, the miners were caught with a shocking number of Playstation 4's. And pretty much everything else, too.
The Ukrainian authorities reportedly seized up to 5,000 pieces of hardware, including over 500 graphics cards, 50 processors and 3,800 PlayStation 4 (PS4) consoles, all of which are in short supply in the U.S. and beyond, as well as other tidbits.
It's not surprising to see processors and graphics cards discovered, since they are required to power mining rigs. The PS4 consoles, however, seem to be out of place.
I would like to sign up for chat, please. I thought I actually already was back when it was on a prior URL, but I suppose that isn't the case?
Thank you for your consideration.
Sent via PM
Thank you for your consideration.