Never put off the work till tomorrow what you can put off today.

This speedy VPN is the key to unlocking your favourite streaming sites — 05/11/2021

This speedy VPN is the key to unlocking your favourite streaming sites

SAVE 49%: A one-year subscription to ExpressVPN is on sale for £4.97 per month as of May 11, and includes an extra three months for free.

We’ll paint a really frustrating picture for you: You’ve subscribed to a streaming site, only to find out the movie or show you desperately wanted to watch is only available in another country. We’ve all been there, and it’s annoying. But there’s no need to despair, because you can bypass these online restrictions with a VPN.

These handy services hide your real IP address and connect you to a server in another country, meaning you can trick your favourite streaming sites into thinking you are based somewhere else. This means you can watch all the extra content from that location. No more frustration.

There are plenty of VPNs that can unlock leading streaming sites, but ExpressVPN might be the best. It offers fast connection speeds, powerful encryption, and a large network of geographically diverse servers. What sets ExpressVPN apart from the competition is how it handles Netflix’s constant server blacklisting, with some of the best unblocking tools for dealing with geo-restrictions.

A one-year subscription to ExpressVPN is on sale for £4.97 per month as of May 11, saving you 49% on list price. This plan is fully refundable for 30 days, and comes with an extra three months for free.

Boost your content options with a discounted subscription to ExpressVPN.

Explore related content:

Start a lucrative side hustle with these free online courses —

Start a lucrative side hustle with these free online courses

TL;DR: As of May 11, you can start a side hustle with the best free online courses on Udemy.

There is absolutely no pressure to start a side hustle, despite what the online world might be telling you. If you want to sit back and be totally content with your situation, we fully support that. Likewise, we’ve got your back if you want to try something new.

Udemy has launched a bunch of free online courses that could support a side hustle, covering topics like the stock market, Microsoft Excel, Instagram, and much more. All you need to access these free courses is a set of voucher codes.

As of May 11, these are the best free online courses available on Udemy (with all the codes you need):

It’s important to note that all of these codes expire after May 11, so you’ll need to act quickly to secure these courses for free. We wouldn’t want you to miss out.

Start a side hustle with these free online courses. Or don’t. You do you.

Explore related content:

Save 96% on this comprehensive Cisco certification training bundle —

Save 96% on this comprehensive Cisco certification training bundle

TL;DR: The Complete 2021 Cisco Certification Training Bundle is on sale for £48.98 as of May 11, saving you 96% on list price.

Cisco certifications are one way to make your CV stand out in the IT field. But in order to get certified, you’ll need to pass a few key exams, and this Complete 2021 Cisco Certification Training Bundle can help you out.

With over 75 hours of content, this training bundle packs information that will help you pass five different Cisco exams — CCT 100-490, CCNA 200-301, CCNP 300-410, CCNP 300-420, and CCNP 350-401. There’s even a bonus course that covers Cisco Modeling Labs 2, where you’ll create models and what-if scenarios for real-world and future networks.

The five certification-based courses cover every topic in the official exam blueprint from Cisco, including architecture, virtualisation, infrastructure, network assurance, security, and automation. But beyond just getting you ready to answer questions correctly, the video courses presented by ITProTV aim to fill you with the core knowledge and skills you’ll need to be successful in implementing Cisco technologies while working in an enterprise network environment.

ITProTV is a community of IT professionals that deliver IT skills and training to a community of learners in an engaging, conversational, affordable, and convenient way. With 4.8 out of 5 stars on Trustpilot, it’s clear that their “edutainment” style is highly valued among learners.

It’s typically £1,256 when courses are offered separately, but you can snag this Cisco certification study guide on sale for just £48.98 for a limited time.

Snag a 2-year subscription to PlayStation Plus for under £50 —

Snag a 2-year subscription to PlayStation Plus for under £50

TL;DR: As of May 11, a two-year subscription to PlayStation Plus is on sale for £46.13 with the code USEPLAYSTATION.

As a PlayStation Plus subscriber, you’ll be connected to a new online community of gamers. You can swap tips on how to beat certain levels or just compete against one another with PlayStation classics.

The platform is constantly expanding its gaming library, so you’ll never run out of new games to play. With your account, you’ll get two free games each month. Last year, subscribers got free downloads of over two dozen different games.

An annual subscription typically costs around £42, but for a limited time, you can use the coupon code USEPLAYSTATION to knock the price down to just £46.13 for two years. The code is stackable, which is why you can snag up to two years for an extra-low price. You can either apply the code and get two years of free games and online competition at the promotional offer rate or split it with a friend or family member, so you each get one year for less.

In addition to the free games, PlayStation Plus members get exclusive discounts and deals that lead to even more savings.

DarkSide Hit Colonial Pipeline—and Created an Unholy Mess —

DarkSide Hit Colonial Pipeline—and Created an Unholy Mess

After a ransomware attack late last week, Colonial Pipeline and the United States government have been scrambling to restore service to a pipeline that delivers nearly half of the East Coast’s fuel. The culprit, according to the FBI, is the notorious and brazen ransomware gang known as DarkSide. And the repercussions of their attack may ripple far beyond what they intended.

Colonial Pipeline says it hopes to restore full service by the end of the week; in the meantime, the Department of Transportation released an emergency order on Sunday to allow expanded oil distribution by truck. But the real impact of the attack may be felt in the world of ransomware. While a number of hackers have long engaged in anarchic targeting, including a horrifying rash of attacks on hospitals last fall, close observers say the pipeline incident may finally represent a turning point.

DarkSide emerged last August and announced itself with a veneer of professionalism and efficiency. At the time, it pledged not to target health care providers, schools, or businesses that couldn’t afford to pay. A few months later, the group made a series of charitable donations, part of a long-running attempt to manage its reputation. But as a ransomware-as-a-service operation, DarkSide largely works on an affiliate model, loaning out its ransomware and infrastructure to criminal customers and taking a cut of whatever clients earn in their attacks. On Monday, as pressure mounted from US law enforcement and the White House itself, DarkSide seemed to blame the Colonial Pipeline hack on its affiliates and pledged to more thoroughly vet the criminals it contracts with. 

“We are apolitical, we do not participate in geopolitics,” DarkSide posted on Monday. “Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.” 

The statement is reminiscent of any industry promising to self-police as an alternative to government regulation. But even if you could take DarkSide at its word, the implication is that it’s somehow acceptable to target certain organizations with ransomware if they’re carefully selected.

“The idea that ransomware operators should decide who is worthy of being compromised is extremely problematic, to say the least,” says Katie Nickels, director of intelligence at the security firm Red Canary. “It’s absurd.”

DarkSide’s dubious pledge to self-regulate likely stems from concerns that hacking a critical infrastructure company and ultimately causing a mass service outage crossed a red line—whether DarkSide or one of its clients actually perpetrated the attack.

“I am not surprised that this happened. It was realistically only a matter of time before there was a major critical infrastructure ransomware incident,” says Brett Callow, a threat analyst at antivirus company Emsisoft. “DarkSide appears to have realized that this level of attention is not a good thing and could bring governments to action. They may stay with smaller attacks now in the hope that they’ll be able to continue making money for longer.”

Callow and other researchers emphasize, though, that it’s difficult to produce meaningful deterrence when it comes to ransomware and cyberattacks in general. Even after repeated wake-up calls and ransomware-related disasters, governments have not shown enough urgency in trying to solve the problem.

“One of the biggest challenges in cyber deterrence is attribution, and you can see that in this situation,” Red Canary’s Nickels says. “There are the ransomware developers, their affiliates and clients, and host countries that are ignoring their behavior. Who’s at fault? Who do you have to deter?”

DarkSide was illustrative of that enforcement problem even before the Colonial Pipeline attack. It almost exclusively targets English-speaking organizations and is widely thought to be a criminal group based in Russia or Eastern Europe. The DarkSide malware is even built to conduct language checks on targets and to shut down if it detects Russian, Ukrainian, Belarusian, Armenian, Georgian, Kazakh, Turkmen, Romanian, and other languages associated with Russia’s geopolitical interests. The Kremlin has historically let cybercriminals operate unfettered within its borders as long as they don’t go after their countrymen.

DarkSide’s rent-a-ransomware business model makes it difficult to determine who, specifically, is behind any given DarkSide attack, convenient insulation for all involved. And the very existence of ransomware-for-hire services shows just how popular—and profitable—these attacks have become. Members of DarkSide focused on point-of-sale credit card data theft and ATM cashout attacks for years, says Adam Meyers, vice president of intelligence at the security firm CrowdStrike, which tracks DarkSide’s activity under the name Carbon Spider. “They’ve transitioned to the ransomware game because there’s so much money in it,” Meyers says.

The Biden administration has signaled in recent weeks that it plans to focus real attention on addressing the threat of ransomware. The White House has been hiring for key cybersecurity policy and response roles and participated in a public-private ransomware task force aimed at generating comprehensive recommendations to curb the problem. The Colonial Pipeline incident now gives the White House a renewed motivation to turn policy proposals into action.

“We’re taking a multipronged and whole-of-government response to this incident and to ransomware overall,” deputy national security adviser Anne Neuberger said in a White House briefing on Monday. “We’re aggressively investigating the incident and its culprits.”

Neuberger said that the administration believes DarkSide is a criminal actor only but that the intelligence community is looking into the possibility of government ties. On Monday, President Biden called on the Russian government to stop harboring cybercriminals.

“I’m going to be meeting with President Putin,” Biden said. “So far there is no evidence … from our intelligence people that Russia is involved, although there is evidence that the actors’ ransomware is in Russia. They have some responsibility to deal with this.”

One question that dogs ransomware response is whether governments should make it illegal for victims to pay ransoms. In theory, no more ransom payments would mean no more incentives for criminals to continue. But members of the public-private ransomware task force say that the group was unable to reach a consensus about firm recommendations to that end; the trade-offs aren’t easily navigable.

Steps that could work in the near term? Requiring that victims disclose ransomware incidents, and creating a cyber incident review board in the US, says Rob Knake, a senior fellow at the Council on Foreign Relations and a former director for cybersecurity policy at the National Security Council. Currently most victims keep ransomware attacks quiet when possible; a full accounting of these rolling crises could spur a response. “Notification is essential, because cyber incidents are not like plane crashes—the investigating agency may never find out that they have happened,” Knake says. “So for the cyber incident review board to be successful it will need to be notified of incidents and then have the authority to investigate. Voluntary will not work.”

In the meantime, cybersecurity professionals say that they hope the Colonial Pipeline incident really will finally spark action in the fight against ransomware. Given how many other dire attacks have failed to act as this catalyst, though, they are wary of being too hopeful.

“We’re at a point where only systemic improvement will have any meaningful impact,” Crowdstrike’s Meyers says. “And organizations don’t necessarily have the bandwidth, funding, and personnel to do that. But this should be a wake-up call to any organization: You need to do better or you’re going to suffer the same fate.”

More Great WIRED Stories
US Teens Can Get Their Covid Shot. What’s Next for Schools? — 05/10/2021

US Teens Can Get Their Covid Shot. What’s Next for Schools?

It’s official: Teens are getting the shot. Today, the US Food and Drug Administration decided that Pfizer’s Covid-19 vaccine could be used in children as young as 12, following a clinical trial that found the vaccine was safe and effective. The decision means roughly 17 million children younger than 16—the previous cutoff for the Pfizer shot—are newly eligible for vaccinations, which could begin as soon as Wednesday, following a separate recommendation from a CDC panel.

sanitation workers cleaning stairs

Everything You Need to Know About the Coronavirus

Here’s all the WIRED coverage in one place, from how to keep your children entertained to how this outbreak is affecting the economy. 

When she first had heard about the trial results, Monica Gandhi, an infectious disease expert at UC San Francisco, was relieved. The opportunity to vaccinate teens had come sooner than expected—and, as she saw it, in the nick of time: It meant plenty of breathing room to start vaccinations before the fall. More than half of California students are learning remotely, according to an analysis by the education nonprofit EdSource, and the next semester remains uncertain. But with vaccines available, the process of getting everyone back on campus was looking smoother—for reasons that, in her view, had more to do with psychology than with epidemiology. “It’s been such a barrier for middle and high school students, not because schools aren’t safe but because of the perception that they aren’t,” she says.

Across the US, the return to school has been complicated by a twist-filled pandemic spring. First there was the problem of high case rates—too much virus was moving around during the winter surge, just as district officials from New York to Los Angeles were debating how to return more students to in-person instruction. Then came the unknowns of new, more transmissible variants. But even in places where case rates are now far below those winter peaks, and where teachers have been vaccine-eligible for weeks, the prospect of returning has remained fraught. Some parents are reluctant to send their kids, who may now be the only unprotected people in their families, to mix with other unvaccinated people. And some teachers are wary of receiving those students in their classrooms.

In San Francisco, where Gandhi lives, some students have returned to campus but often only to open their laptops again when they arrive—so-called “Zoom in a room,” as disgruntled parents have put it. Schools are constrained by CDC recommendations of 3- to 6-foot distancing in buildings and by limited staffing due to teachers with medical exemptions. This summer, state legislators will decide whether to continue a waiver that has allowed remote instruction. Laura Dudnick, a spokesperson for the San Francisco Unified School District, notes that the district’s agreement with employees covers only the remainder of the spring semester, and she says the district will follow public health guidance as it develops plans for the fall.

Meanwhile, public health experts like Gandhi have maintained that schools can be fully opened safely, even prior to widespread vaccination. The benefits of doing so would be enormous, she says, given the toll of closures on mental health and learning. It’s a tricky needle to thread: As more schools have opened, we’ve learned that kids do transmit the virus—perhaps more than scientists initially thought—and some studies have linked the reopening of schools to more household infections. But we’ve also learned how to manage those risks better with precautions like good ventilation, masks, and testing. A recent preprint by Johns Hopkins University researchers, which has not yet been peer-reviewed, found that the risk that kids attending in-person school would seed infections in their households disappeared in places that adopted careful protection measures. (The research was conducted prior to widespread adult vaccinations, which should further reduce household spread.) A January review by CDC scientists came to a similar conclusion, based on data from a number of countries where schools had by then reopened. School outbreaks did occur, they found, but they were easier to control than outbreaks in places like nursing homes.

Returning with precautions isn’t returning without risk. About 100 children under age 15 died in the US from Covid-19 in 2020. And there are still unknowns, such as the long-term effects of the disease on kids, including the inflammatory illness known as MIS-C, says Ashleigh Tuite, an epidemiologist at the University of Toronto. Plus, while deaths and hospitalization rates are comparatively low among kids, the impact is uneven: Those rates are higher among Black and Latinx students, immunocompromised children, and those with other health problems. (Canada authorized the Pfizer vaccine for teenagers on May 5.)

The newer variants have also highlighted the need for stronger layers of protection, like masks and ventilation, in reopened schools, Tuite says. In Ontario, schools reopened this winter just as the province was gripped by a wave of infections driven by the more transmissible B.1.1.7 variant that has sickened a higher proportion of younger people than before, in part due to lower rates of vaccination. The timing meant students became “the unwitting recipients of an experiment when you reopen and have an unprotected population,” Tuite says. The province decided to end in-person learning in April as part of a wider lockdown.

The vaccine authorizations for teens arrived faster than many experts expected. Last summer, pediatrics researchers sounded the alarm that including younger people in clinical trials was moving too slowly. But that process sped up in December after the FDA’s emergency use authorization of the Pfizer and Moderna mRNA vaccines, both of which were shown to be remarkably effective at preventing disease in adults. The first children were enrolled in small trials of both vaccines later that month. In late March, Pfizer reported good news about the vaccine’s efficacy among younger users: No teens in the test group contracted Covid-19, compared with 18 cases in the placebo group, and the shot induced similar immune responses to those seen in young adults. But the primary aim of the trial was to demonstrate that the shot would be as safe for teens as for adults; the results showed they indeed experienced similar rates of side effects.

The prospect of a return to relative normalcy in the US while the virus rages elsewhere has also raised some confounding ethical questions. The US is poised to begin vaccinating teens with minimal chances of severe illness, while in India, where 6 percent of people have been vaccinated so far, health officials have been reporting a staggering 400,000 new infections per day. “Would you vaccinate a small child here before a 65-year-old in India? I think global vaccine equity should be achieved first,” Gandhi says.

But that shouldn’t discourage teens from getting vaccinated, she adds. Last month, researchers at Duke University predicted the US could have 300 million excess doses by the end of July, given the slowing vaccination rates among adults. Starting today, there will be about 17 million newly eligible teens in the US. Even with a significant charitable pivot by the US government, drugstores and doctor’s offices are unlikely to go short.

Over time, protecting kids is important for protecting everybody, says Marm Kilpatrick, a population biologist at UC Santa Cruz. That’s true even as experts express doubts about the ability for society to reach a herd immunity threshold, where enough immunity is built up in the community that the cycle of viral transmission is effectively halted. “Any herd immunity calculations rely on well-mixed populations, where everyone is having equal contact with everyone,” he says. But in real life, “that’s not how it works. Social networks segregate by age.” Having certain pools of people who aren’t protected but spend time together—say at school or at basketball practice—is a recipe for outbreaks that can spread quickly and potentially to unvaccinated people in the community beyond.

As for adults, uptake is a question for teens. A survey this month by the Kaiser Family Foundation indicated that roughly a quarter of parents would definitely not vaccinate their children, while a fifth would do so only if their school required it, following the examples of some workplaces and universities. Doing so would be unusual, says Gandhi, based on current vaccine rules for public schools. Schools typically require vaccines for diseases that pose a high risk to school-age people—diseases like measles and hepatitis B—while simply recommending shots to prevent lower-risk diseases like the flu. That said, policies will likely vary by district.

On May 4, Pfizer CEO Albert Bourla told investors that the company plans to complete its trials of the vaccine in children as young as 2 by the fall. Gandhi was happy to hear parents would have the option, but the timing left her a little worried. Would some elementary schools and preschools decide to hold off on in-person classes until the youngest children could get inoculated? She hoped they would see that there were other ways to keep everyone safe. “That’s my biggest fear, that people believe we need children to be vaccinated for normalcy,” she says.

More From WIRED on Covid-19
Apple Execs Chose to Keep a Hack of 128 Million iPhones Quiet —

Apple Execs Chose to Keep a Hack of 128 Million iPhones Quiet

In September 2015, Apple managers had a dilemma on their hands: Should or should they not notify 128 million iPhone users of what remains the worst mass iOS compromise on record? Ultimately, all evidence shows, they chose to keep quiet.

The mass hack first came to light when researchers uncovered 40 malicious App Store apps, a number that mushroomed to 4,000 as more researchers poked around. The apps contained code that made iPhones and iPads part of a botnet that stole potentially sensitive user information.

An email entered into court last week in Epic Games’ lawsuit against Apple shows that, on the afternoon of September 21, 2015, Apple managers had uncovered 2,500 malicious apps that had been downloaded a total of 203 million times by 128 million users, 18 million of whom were in the US.

“Joz, Tom and Christine—due to the large number of customers potentially affected, do we want to send an email to all of them?” App Store VP Matthew Fischer wrote, referring to Apple senior vice president of worldwide marketing Greg Joswiak and Apple PR people Tom Neumayr and Christine Monaghan. The email continued:

If yes, Dale Bagwell from our Customer Experience team will be on point to manage this on our side. Note that this will pose some challenges in terms of language localizations of the email, since the downloads of these apps took place in a wide variety of App Store storefronts around the world (e.g. we wouldn’t want to send an English-language email to a customer who downloaded one or more of these apps from the Brazil App Store, where Brazilian Portuguese would be the more appropriate language).

About 10 hours later, Bagwell discusses the logistics of notifying all 128 million affected users, localizing notifications to each users’ language, and “accurately includ[ing] the names of the apps for each customer.”

Alas, all appearances are that Apple never followed through on its plans. An Apple representative could point to no evidence that such an email was ever sent. Statements the representative sent on background—meaning I’m not permitted to quote them—noted that Apple instead published only this now-deleted post.

The post provides very general information about the malicious app campaign and eventually lists only the top 25 most downloaded apps. “If users have one of these apps, they should update the affected app which will fix the issue on the user’s device,” the post stated. “If the app is available on [the] App Store, it has been updated, if it isn’t available it should be updated very soon.”

The infections were the result of legitimate developers writing apps using a counterfeit copy of Xcode, Apple’s iOS and OS X app development tool. The repackaged tool, dubbed XcodeGhost, surreptitiously inserted malicious code alongside normal app functions.

From there, apps caused iPhones to report to a command-and-control server and provide a variety of device information, including the name of the infected app, the app-bundle identifier, network information, the device’s “identifierForVendor” details, and the device name, type, and unique identifier.

XcodeGhost billed itself as faster to download in China, compared with Xcode available from Apple. For developers to have run the counterfeit version, they would have had to click through a warning delivered by Gatekeeper, the macOS security feature that requires apps to be digitally signed by a known developer.

The lack of follow-through is disappointing. Apple has long prioritized the security of the devices it sells. It has also made privacy a centerpiece of its products. Directly notifying those affected by this lapse would have been the right thing to do. We already knew that Google routinely doesn’t notify users when they download malicious Android apps or Chrome extensions. Now we know that Apple has done the same thing.

The email wasn’t the only one that showed Apple brass hashing out security problems. A separate one sent to Apple fellow Phil Schiller and others in 2013 forwarded a copy of the Ars article headlined “Seemingly Benign ‘Jekyll’ App Passes Apple Review, Then Becomes ‘Evil.’”

The article discussed research from computer scientists who found a way to sneak malicious programs into the App Store without being detected by the mandatory review process that’s supposed to automatically flag such apps. Schiller and the other people receiving the email wanted to figure out how to shore up its protections in light of their discovery that the static analyzer Apple used wasn’t effective against the newly discovered method.

“This static analyzer looks at API names rather than true APIs being called, so there’s often the issue of false positives,” Apple senior VP of internet software and services Eddy Cue wrote. “The Static Analyzer enables us to catch direct accessing of Private APIs, but it completely misses apps using indirect methods of accessing these Private APIs. This is what the authors used in their Jekyll apps.”

The email went on to discuss limitations of two other Apple defenses, one known as Privacy Proxy and the other as Backdoor Switch.

“We need some help in convincing other teams to implement this functionality for us,” Cue wrote. “Until then, it is more brute force, and somewhat ineffective.”

Lawsuits involving large companies often provide never-before-seen portals into the inner workings of the way they and their executives work. Often, as the case is here, those views are at odds with the companies’ talking points. The trial resumes this week.

This story originally appeared on Ars Technica.

More Great WIRED Stories
Ford reveals name of its first electric pickup truck —

Ford reveals name of its first electric pickup truck

Uploads%252fvideo uploaders%252fdistribution thumb%252fimage%252f96114%252f7deaa2b8 c858 4b44 b616 2fd2397b9f21.png%252f930x520.png?signature=usbqq2h5z dncwpw78pw9xckdne=&source=https%3a%2f%2fblueprint api production.s3.amazonaws

Ford will livestream the launch of its first electric F-150 next week. And it has a very familiar name.

The pickup truck will be called the F-150 Lightning. Yes, that’s also the name of a special edition of the popular Ford truck released in the 1990s. 

The F-Series dates back to the 1940s, but the F-150 Lightning is the company’s first electric pickup truck. Ford’s Mustang Mach-E, which arrived late last year, was the U.S. automaker’s first all-electric SUV.

The Lightning is expected to start at about $70,000 and come with dual electric motors for all-wheel drive. It will compete with a growing list of electric trucks, including the Tesla Cybertruck, GMC Hummer EV supertruck, Chevy Silverado EV, and Rivian R1T

You can watch Ford unveil the truck at its Michigan headquarters on May 19 at 9:30 p.m. ET on the company’s Facebook, YouTube, and Twitter pages. The livestream will also be shown at IRL locations such as Times Square in New York City and on Las Vegas Boulevard.

Amazon “seized and destroyed” 2 million counterfeit products in 2020 —

Amazon “seized and destroyed” 2 million counterfeit products in 2020

Several Amazon trailers lined up outside a shipping center.
Enlarge / Amazon trailers backed into bays at a distribution center in Miami, Florida, in August 2019.

Amazon “seized and destroyed” over 2 million counterfeit products that sellers sent to Amazon warehouses in 2020 and “blocked more than 10 billion suspected bad listings before they were published in our store,” the company said in its first “Brand Protection Report.”

In 2020, “we seized and destroyed more than 2 million products sent to our fulfillment centers and that we detected as counterfeit before being sent to a customer,” Amazon’s report said. “In cases where counterfeit products are in our fulfillment centers, we separate the inventory and destroy those products so they are not resold elsewhere in the supply chain,” the report also said.

Third-party sellers can also ship products directly to consumers instead of using Amazon’s shipping system. The 2 million fakes found in Amazon fulfillment centers would only account for counterfeit products from sellers using the “Fulfilled by Amazon” service.

The counterfeit problem got worse over the past year. “Throughout the pandemic, we’ve seen increased attempts by bad actors to commit fraud and offer counterfeit products,” Amazon VP Dharmesh Mehta wrote in a blog post yesterday.

Counterfeiting is a longstanding problem on Amazon. Other problems on Amazon that harm consumers include the sale of dangerous products, fake reviews, defective third-party goods, and the passing of bribes from unscrupulous sellers to unscrupulous Amazon employees and contractors. One US appeals court ruled in 2019 that Amazon can be held responsible for defective third-party goods, but Amazon has won other similar cases. Amazon is again arguing that it should not be held liable for a defective third-party product in a case before the Texas Supreme Court that involves a severely injured toddler.

Amazon tries to reassure legit sellers

Amazon’s new report was meant to reassure legitimate sellers that their products won’t be counterfeited. While counterfeits remain a problem for unsuspecting Amazon customers, the e-commerce giant said that “fewer than 0.01 percent of all products sold on Amazon received a counterfeit complaint from customers” in 2020. Of course, people may buy and use counterfeit products without ever realizing they are fake or without reporting it to Amazon, so that percentage may not capture the extent of the problem.

Amazon’s report on counterfeits describes extensive systems and processes to determine which sellers can do business on Amazon. While Amazon has argued in court that it is not liable for what third parties sell on its platform, the company is monitoring sellers in an effort to maintain credibility with buyers and legitimate sellers.

Amazon said it “invested over $700 million and employed more than 10,000 people to protect our store from fraud and abuse” in 2020, adding:

We leverage a combination of advanced machine learning capabilities and expert human investigators to protect our store proactively from bad actors and bad products. We are constantly innovating to stay ahead of bad actors and their attempts to circumvent our controls. In 2020, we prevented over 6 million attempts to create new selling accounts, stopping bad actors before they published a single product for sale, and blocked more than 10 billion suspected bad listings before they were published in our store.

“This is an escalating battle with criminals that attempt to sell counterfeits, and the only way to permanently stop counterfeiters is to hold them accountable through litigation in the court system and through criminal prosecution,” Amazon also said. “In 2020, we established a new Counterfeit Crimes Unit to build and refer cases to law enforcement, undertake independent investigations or joint investigations with brands, and pursue civil litigation against counterfeiters.”

Amazon said it now “report[s] all confirmed counterfeiters to law enforcement agencies in Canada, China, the European Union, UK, and US.” Amazon also urged governments to “increase prosecution of counterfeiters, increase resources for law enforcement fighting counterfeiters, and incarcerate these criminals globally.”

Stricter seller-verification system

Amazon said it had a “new live video and physical address verification” system in place in 2020 in which “Amazon connects one-on-one with prospective sellers through a video chat or in person at an Amazon office to verify sellers’ identities and government-issued documentation.” Amazon said it also “verifies new and existing sellers’ addresses by sending information including a unique code to the seller’s address.”

Most new attempts to register as a seller were apparently fraudulent, as Amazon said that “only 6 percent of attempted new seller account registrations passed our robust verification processes and listed products.” Overall, Amazon “stopped over 6 million attempts to create a selling account before they were able to publish a single listing for sale” in 2020, more than double “the 2.5 million attempts we stopped in 2019,” Amazon said.

The verification process isn’t enough on its own to stop all new fraudulent sellers, so Amazon said it performs “continuous monitoring” of sellers to identify new risks. “If we identify a bad actor, we immediately close their account, withhold funds disbursement, and determine if this new information brings other related accounts into suspicion. We also determine if the case warrants civil or criminal prosecution and report the bad actor to law enforcement,” Amazon said.

Amazon monitors product detail changes for fraud

One problem we wrote about a few months ago involves “bait-and-switch reviews” in which sellers trick Amazon into displaying reviews for unrelated products to get to the top of Amazon’s search results. In one case, a $23 drone with 6,400 reviews achieved a five-star average rating only because it had thousands of reviews for honey. At some point, the product listing had changed from a food item to a tech product, but the reviews for the food product remained. After a purging of the old reviews, that same product page now lists just 348 ratings at a 3.6-star average.

Amazon is trying to prevent recurrences of this problem, saying in its new report that it scans “more than 5 billion attempted changes to product detail pages daily for signs of potential abuse.”

Amazon also provides self-service tools to companies to help them block counterfeits of their products. Amazon’s report said that 18,000 brands have enrolled in “Project Zero,” which “provides brands with unprecedented power by giving them the ability to directly remove listings from our store.” The program also has an optional product serialization feature that lets sellers put unique codes on their products or packaging.

The self-service tool only accounts for a tiny percentage of blocked listings. “For every 1 listing removed by a brand through our self-service counterfeit removal tool, our automated protections removed more than 600 listings through scaled technology and machine learning that proactively addresses potential counterfeits and stops those listings from appearing in our store,” Amazon said.

4 Rugged French Presses for Your Coffee-Fueled Summer Escape —

4 Rugged French Presses for Your Coffee-Fueled Summer Escape

A few months back, my morning ritual was thrown into total disarray. I pulled my French press from the dishwasher and caught the lip of the glass carafe on the edge of the counter, and years of faithful service abruptly ended as a tiny shards of glass scattered across the floor. I looked around for replacements and found a carafe often costs about two-thirds as much as a whole French press. It’s very annoying math. I pivoted a bit and sprang for an insulated metal Bodum Columbia ($39 and up). When it arrived, along with being able to make my regular cup of coffee again, it looked so good that I felt like I’d classed up the joint.

Like many other people around the world this past year, I went camping more than usual and, looking at the Columbia, I realized it could pull double duty, brewing large batches of Joe for Joe at home or on the road. Antenna raised, I quickly found other rugged, non-glass French presses that could safely endure car camping and still look stylish enough to have on display at home.

Stanley’s Stay Hot French Press is available for $65 from Stanley and from Amazon.

Photograph: Stanley

I called in several contenders and integrated them into my daily routine. One of the first to arrive was the Stanley Stay Hot French Press ($65). The company’s limited-edition press, in powdery “polar” white, was surprisingly good looking and promised to make 48 ounces (or 1.4 liters) of “caffeinated gold.”

There was also the BruTrek 32 and 48 by Planetary Design ($60 and up), campers’ favorites with unique metal flaps over the plunger filter. Along with a stunning ultramarine color, it also comes in a silver version that might please Philippe Starck. (Fellow WIRED coffee nut Scott Gilbertson likes another of Planetary Design’s camp brewers.)

Also highly touted was the Espro P7 ($110 and up) with its elegant carafe, 18- and 32-ounce sizes, and its fine-mesh double filter.

For fun, I also called in a prototype that I nicknamed “The Hulk” and whose real name I shall keep a secret for reasons that will soon become clear. It was a heavy stainless bruiser with lots of right angles. My first thought when I pulled it from its box was that I was holding the perfect prop for Charlize Theron’s agent Lorraine Broughton to use to pummel a foe in an Atomic Blonde kitchen fight.

Outside of my tiny, half-liter Columbia (two larger sizes are available) the rest of the contenders held capacities between a scant liter and a liter and a half.

Start the Presses

Planetary Design’s BruTrek French Press. $60 and up from Planetary Design and Amazon

Photograph: BruTrek

Adversaries assembled, I laid out some ground rules beyond brawn and beauty. Along with readiness for kitchen or campsite, I wanted a few other things. Simplicity and ease of cleaning—including a strong preference to be able to throw the whole thing into the dishwasher—was tops among them. (Coffee snobs may wince at this, saying dishwashing can leave residue that imparts bitterness to your coffee, to which I say you can give it a quick rinse in the sink.)  I was curious to see how all of these insulated containers would do at keeping things warm, but leaving brewed coffee in contact with the grounds after depressing a French press’ plunger is frowned upon, as it means that you’ll overextract your coffee and cause the brew to take on an unwelcome bitterness. Slow sippers of large quantities like me will be much happier with a dedicated thermos to hold your coffee. Finally, of course, the coffee they made needed to be good.

I was already used to and happy with my Bodum. It uses a fairly fine filter that features a silicone ring around it, and that combination keeps most of the tinier bits of grounds known as “fines” out of the coffee once the plunger is depressed. What little of the fines that get through don’t improve the coffee’s taste, but they add a mouthfeel and richness that people like me find pleasant and even preferable to what you can get out of a “regular” coffee maker. My Bodum provided a nice, high bar to judge the competition against.

So when the Stanley arrived, it surprised me. The company’s PR rep sent that limited-edition white number and, despite a gray plastic handle, I was amazed by its good looks. I liked how wide the brewing chamber was, making stirring (aka “agitation”) easier. The plunger depressed and came out easily, and the carafe poured beautifully.

Espro’s P7 French Press. $110 and up from Espro and Amazon.

Photograph: Espro

For something completely different, I tried the Espro P7, which, with those two fine filters, produced a surprisingly clear cup with even fewer fines. It’s like coffee-maker coffee for people somehow forced to make only French press, or for campers too far from an outlet to plug in Mr. Coffee. This “clean cup” isn’t a bad thing, but it’s certainly different and perhaps not exactly what French press fans, myself included, want from a press pot. The Espro’s double interlocking baskets are one more thing to clean, but I guess you’d get used to it.

For another outlier, I tried the BruTrek 32 and 48 by Planetary Designs. Despite being drawn like a magnet to the lovely blue color, I struggled with the designs of these, wanting to like them more than I did. The lid stopper gives the BruTrek a bit of a sippy-cup feeling, and you need to screw the lid on before you can depress the plunger. Also, with a rounded bottom corner it’s not completely firm on its feet.

I did find its claim to fame to be an interesting idea: the flap on a metal disc above the filter turns it into something of a one-way valve; once the plunger is depressed, the brewed coffee can’t circulate into the grounds and become bitter, theoretically allowing you to keep the coffee in there longer without it becoming a bitter mess. (The company calls this feature Bru-Stop.) Yet even for me, an appreciator of the ever-so-slightly-sludgy cup, this was a bit much, as the filter let a surprising amount of fines through. This was especially odd as those extra fines in the coffee seemingly negated the work of the flaps. The larger flaw, in my book, is that the BruTrek isn’t dishwasher safe. Not a big deal when you’re camping, but that’s a deal breaker at home.

Finally, there was the “Hulk” prototype, which struggled mightily. The big problem was the hairline crack I discovered after putting it in the dishwasher. When I removed the brewer from the dishwasher, I could hear water sloshing around in the space between the interior and exterior walls. The only effective way I found to expel that water was to fill the brewing chamber with hot water, thus heating the air in the space between the walls and causing the water to squirt from the crack in the bottom corner. Furthermore, the lid was quite difficult to horse off the rest of the vessel, which is not something you want when dealing with hot, wet grounds.

Around this point, just to say I did it, I filled all five presses with just-boiled water, put the lids on and set a timer for an hour. They all emerged at least hot enough for steam to come off the top when I lifted the lid. The Bodum was lowest at 156 degrees Fahrenheit, but cut it some slack! It was half the size of the competition, and I’m feeling protective as I explain it. The Hulk and Espro came in at a just-fine 160 and 165 degrees, respectively; the Stanley Stay Hot stayed an impressively hot 175. At 185 degrees, this was the BruTrek’s moment to shine. If you’re not going to put your coffee in a thermos after you brew it, and the hottest coffee for the longest time is your highest priority, this might be your best bet.

Stanley’s line of coffee gear also includes insulated travel mugs.

Photograph: Stanley

Ground Control

After all of my in-home testing, I was most happy to discover that while there were a few nits to pick and stylistic variations here and there, all the machines seemed to make a pretty good cup of coffee. So at this point, I brought in some coffee pros from Olympia Coffee for some socially distant testing.

Olympia co-owner Sam Schroeder and the company’s retail trainer, Reyna Callejo, met me in their Seattle coffee lab. There, while all double masked, we brewed five batches fairly simultaneously using all five French presses. We then poured samples from each carafe into five cups for each of us to do a blind tasting in opposite corners of the empty café. While all the brewers made coffee that each of us enjoyed, we did select some favorites. The deciding factors weren’t over the quality of what was in our unmarked cups, it was the before and after that made the biggest difference.

Sam enjoyed the Stanley, noting its nice pour and easy cleanup. Reyna was taken with the Espro’s coffee, noting “it’s so clear!” comparing it to the others when she first poured it. She also then enjoyed that cup most, realizing that it was closest of the five to the Breville coffee maker she has at home. She struggled with the BruTrek’s slow plunge and the way the rounded bottom created a bit of wobbly uncertainty. She also disliked needing to screw the lid on before she could push the plunger down.

“I don’t want extra effort making coffee at 7 am,” she said, while looking longingly at the four simpler options on the counter. “It’s not a good brewer if it’s hard to brew with it.”

Removing that lid from “The Hulk” drove both Sam and Reyna crazy.

We were using 50 grams of coffee to 850 milliliters of water for the larger brewers, and half of those amounts in the smaller Bodum. We prepped a large grind, poured in 200-degree water, stirred at the one and five minute marks, then pressed down the plungers.

This gave us a surprisingly and uniformly low level of total dissolved solids in the coffee. Sam gave a quick definition of TDS as “the amount of coffee in your coffee” and Reyna measured ours with a refractometer, finding they were all between 0.93 and 1.13, where at Olympia’s coffee shops the crew shoots for 1.3 to 1.45.

We tried each of the coffees about 40 minutes later and, while our preference for transferring just-brewed coffee to a thermos remained unchanged, we learned two things. One was that we didn’t notice much of a difference between the BruTrek—with its unique Bru-Stop flap—and the others. Two, they were all still warm and the coffee decent.

“We’re calibrated to taste bad things,” Reyna said, referring to their training. And considering the coffee samples had sat around for a bit, they weren’t that bad.

Sam and Reyna cleaned the pots and plungers, then Sam walked over to them and nudged the Stanley and the Bodum, the two simplest and easiest to clean, to the right. Reyna, wordlessly nudged the Espro into the group with them, and presto! We had our preferred presses.

It’s really splitting hairs between the Stanley and the Bodum. You can safely decide on looks alone and be confident you’ll end up with a lovely cup of coffee. If you want a cleaner, less sludgy brew, get the Espro. Then make a pot, sit back in your sofa or camping chair, and enjoy your cup.

More Great WIRED Stories