Tag Archive for: much

Meet unc0ver, the new jailbreak that pops shell—and much more—on any iPhone

Meet unc0ver, the new jailbreak that pops shell—and much more—on any iPhone

Enlarge (credit: Maurizio Pesce / Flickr)

Hackers have released a new jailbreak that any user can employ to gain root access on any iPhone, regardless of the hardware as long as it runs iOS 11 or later.

Dubbed unc0ver, the exploit works only when someone has physical access to an unlocked device and connects it to a computer. Those requirements mean that the jailbreak is unlikely to be used in most malicious scenarios, such as through malware that surreptitiously gains unfettered system rights to an iPhone or iPad. The inability for unc0ver to survive a reboot also makes it less likely it will be used in hostile situations.

Rather, unc0ver is more of a tool that allows users to break locks Apple developers put in place to limit key capabilities such as what apps can be installed, the monitoring of OS functions, and various other tweaks that are standard on most other OSes. The jailbreak, for instance, allows users to gain a UNIX shell that has root privileges to the iPhone. From there, users can use UNIX commands to do whatever they’d like.

Read 6 remaining paragraphs | Comments

Biz & IT – Ars Technica

It’s Not Even Clear If Remdesivir Stops COVID-19, And Already We’re Debating How Much It Can Price Gouge

You may recall in the early days of the pandemic, that pharma giant Gilead Sciences — which has been accused of price gouging and (just last year!) charging exorbitant prices on drug breakthroughs developed with US taxpayer funds — was able to sneak through an orphan works designation for its drug remdesevir for COVID-19 treatment. As we pointed out, everything about this was insane, given that orphan works designations, which give extra monopoly rights to the holders (beyond patent exclusivity), are meant for diseases that don’t impact a large population. Gilead used a loophole: since the ceiling for infected people to qualify for orphan drug status is 200,000, Gilead got in its application bright and early, before there were 200,000 confirmed cases (we currently have over 1.3 million). After the story went, er… viral, Gilead agreed to drop the orphan status, realizing the bad publicity it was receiving.

After a brief dalliance with chloroquine, remdesivir has suddenly been back in demand as the new hotness of possible COVID-19 treatments. Still, a close reading of the research might give one pause. There have been multiple conflicting studies, and Gilead’s own messaging has been a mess.

On April 23, 2020, news of the study’s failure began to circulate. It seems that the World Health Organization (WHO) had posted a draft report about the trial on their clinical trials database, which indicated that the scientists terminated the study prematurely due to high levels of adverse side effects.

The WHO withdrew the report, and the researchers published their results in The Lancet on April 29, 2020.

The number of people who experienced adverse side effects was roughly similar between those receiving remdesivir and those receiving a placebo. In 18 participants, the researchers stopped the drug treatment due to adverse reactions.

But then…

However, also on April 29, 2020, the National Institute of Allergy and Infectious Diseases (NIAID) announced that their NIH trial showed that remdesivir treatment led to faster recovery in hospital patients with COVID-19, compared with placebo treatment.

“Preliminary results indicate that patients who received remdesivir had a 31% faster time to recovery than those who received placebo,” according to the press release. “Specifically, the median time to recovery was 11 days for patients treated with remdesivir compared with 15 days for those who received placebo.”

The mortality rate in the remdesivir treatment group was 8%, compared with 11.6% in the placebo group, indicating that the drug could improve a person’s chances of survival. These data were close to achieving statistical significance.

And then…

“In addition, there is another Chinese trial, also stopped because the numbers of new patients with COVID-19 had fallen in China so they were unable to recruit, which has not yet published its data,” Prof. Evans continues. “There are other trials where remdesivir is compared with non-remdesivir treatments currently [being] done and results from some of these should appear soon.”

Gilead also put out its own press release about another clinical trial, which seems more focused on determining the optimal length of remdesivir treatment. Suffice it to say, there’s still a lot of conflicting data and no clear information on whether or not remdesevir actually helps.

Still, that hasn’t stopped people from trying to figure out just how much Gilead will price gouge going forward:

The Institute for Clinical and Economic Review (ICER), which assesses effectiveness of drugs to determine appropriate prices, suggested a maximum price of $ 4,500 per 10-day treatment course based on the preliminary evidence of how much patients benefited in a clinical trial. Consumer advocacy group Public Citizen on Monday said remdesivir should be priced at $ 1 per day of treatment, since “that is more than the cost of manufacturing at scale with a reasonable profit to Gilead.”

Some Wall Street investors expect Gilead to come in at $ 4,000 per patient or higher to make a profit above remdesivir’s development cost, which Gilead estimates at about $ 1 billion.

So… we’ve got a range of $ 10 to $ 4,500 on a treatment that we don’t yet know works, and which may or may not save lives. But, given that we’re in the midst of a giant debate concerning things like “reopening the economy” — something that can really only be done if the public is not afraid of dying (or at least becoming deathly ill) — the value to the overall economy seems much greater than whatever amount Gilead wants to charge. It seems the right thing to do — again, if it’s shown that remdesevir actually helps — is to just hand over a bunch of money to Gilead, say “thank you very much” and get the drug distributed as widely as possible. Though, again, it should be noted that a decent chunk of the research around remdesevir was not done or paid for by Gilead, but (yet again) via public funds to public universities, which did the necessary research. The idea that it’s Gilead that should get to reap massive rewards for that seems sketchy at best. But the absolute worst outcome is one in which Gilead sticks to its standard operating procedure and prices the drug in a way that millions of Americans can’t afford it, and it leads to a prolonging/expanding of the pandemic.

Techdirt.

The Afghanistan Papers v. The Pentagon Papers: How A Whistleblower Worked Much Better Than Endless FOIA Litigation

On Monday morning, the Washington Post released The Afghanistan Papers, an incredible (though, tragically, not surprising) collection of unpublished notes and interview transcripts revealing that the past three administrations — Trump, Obama, and Bush — all lied consistently and repeatedly about how bad things were going in Afghanistan, pretending that various actions were succeeding, while the reality was they knew it was an unwinnable war.

“We were devoid of a fundamental understanding of Afghanistan — we didn’t know what we were doing,” Douglas Lute, a three-star Army general who served as the White House’s Afghan war czar during the Bush and Obama administrations, told government interviewers in 2015. He added: “What are we trying to do here? We didn’t have the foggiest notion of what we were undertaking.”

“If the American people knew the magnitude of this dysfunction . . . 2,400 lives lost,” Lute added, blaming the deaths of U.S. military personnel on bureaucratic breakdowns among Congress, the Pentagon and the State Department. “Who will say this was in vain?”

And, as part of that, there was the concerted effort to hide this reality from the American public:

Several of those interviewed described explicit and sustained efforts by the U.S. government to deliberately mislead the public. They said it was common at military headquarters in Kabul — and at the White House — to distort statistics to make it appear the United States was winning the war when that was not the case.

“Every data point was altered to present the best picture possible,” Bob Crowley, an Army colonel who served as a senior counterinsurgency adviser to U.S. military commanders in 2013 and 2014, told government interviewers. “Surveys, for instance, were totally unreliable but reinforced that everything we were doing was right and we became a self-licking ice cream cone.”

John Sopko, the head of the federal agency that conducted the interviews, acknowledged to The Post that the documents show “the American people have constantly been lied to.”

For fairly obvious reasons, this release is being compared to the Pentagon Papers, a similar trove of documents that revealed how officials knew the Vietnam war was a lost cause and deliberately misled the American public about it for years.

There is one stark contrast between the two, however: how they came out. The Pentagon Papers came out because whistleblower Daniel Ellsberg leaked them to the press (for which President Nixon then tried to destroy his life in a bunch of different ways). The Afghanistan Papers, on the other hand, are coming out because of a years long FOIA battle by the Washington Post to get these documents released, against the wishes of the US government (who still was able to black out a bunch of information):

For all the talk about how whistleblowers and leakers should “use the proper channels,” every time we see the “proper channels” in action, they seem to only open up opportunities for the government to delay, hide things, and continue whatever destructive (but embarrassing) policy they have in place. There is a place for whistleblowers to call out this kind of misconduct, and as Ellsberg himself has been saying for years, the growing attacks (by each administration) against whistleblowers and leakers has much more to do with government embarrassment, rather than any legitimate attempt to “protect national security.”

Permalink | Comments | Email This Story

Techdirt.