The actor plays a TV pundit who finds himself framed for the murder of a white nationalist in Stephen Belbers Netflix series.

Before the era when the worlds tallest peaks could be conquered, mountaineers wrestled with the method and purpose of their obsession.

HARD TO DETECT. HARD TO DISINFECT Found in the wild: The worlds first unkillable UEFI bootkit for Linux "Bootkitty" is likely a proof-of-concept, but may portend working UEFI malware for Linux. Dan Goodin Nov 27, 2024 2:21 pm | 21 Credit: Getty Images Credit: Getty Images Story textSizeSmallStandardLargeWidth *StandardWideLinksStandardOrange* Subscribers only Learn moreOver the past decade, a new class of infections has threatened Windows users. By infecting the firmware that runs immediately before the operating system loads, these UEFI bootkits continue to run even when the hard drive is replaced or reformatted. Now the same type of chip-dwelling malware has been found in the wild for backdooring Linux machines.Researchers at security firm ESET said Wednesday that Bootkittythe name unknown threat actors gave to their Linux bootkitwas uploaded to VirusTotal earlier this month. Compared to its Windows cousins, Bootkitty is still relatively rudimentary, containing imperfections in key under-the-hood functionality and lacking the means to infect all Linux distributions other than Ubuntu. That has led the company researchers to suspect the new bootkit is likely a proof-of-concept release. To date, ESET has found no evidence of actual infections in the wild. The ASCII logo that Bootkitty is capable of rendering. Credit: ESET Be preparedStill, Bootkitty suggests threat actors may be actively developing a Linux version of the same sort of unkillable bootkit that previously was found only targeting Windows machines.Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats, ESET researchers wrote. Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.A rootkit is a piece of malware that runs in the deepest regions of the operating system it infects. It leverages this strategic position to hide information about its presence from the operating system itself. A bootkit, meanwhile, is malware that infects the UEFIshort for Unified Extensible Firmware Interfacein much the same way. By lurking undetected in the firmware that resides on a chip and runs each time a machine boots, bootkits can persist indefinitely, providing a stealthy means for backdooring the operating system even before it has fully loaded and enabled security defenses such as antivirus software.The bar for installing a bootkit is high. An attacker first must gain administrative control of the targeted machine, either through physical access while its unlocked or somehow exploiting a critical vulnerability in the OS. Under those circumstances, attackers already have the ability to install OS-resident malware. Bootkits, however, are much more powerful since they (1) run before the OS does and (2) are, at least practically speaking, undetectable and unremovable.The Bootkitty sample ESET found is unable to override a defense, known as UEFI Secure Boot, that uses cryptographic signatures to ensure that each piece of software loaded during startup is trusted by a computer's manufacturer. Secure Boot is designed to create a chain of trust that prevents attackers from replacing the intended bootup firmware with malicious firmware. When Secure Boot is enabled, if a single firmware link in that chain isnt recognized, the device won't boot. The Bootkitty execution flow Credit: ESET The image above summarizes the key parts of the Bootkitty execution flow. They are: Execution of the bootkit and patching of the legitimate GRUB bootloader (points 4 and 5 in Figure 6) Patching of the Linux kernels EFI stub loader (points 6 and 7 in Figure 6) Patching of the decompressed Linux kernel image (points 8 and 9 in Figure 6).Despite working on a handful of Ubuntu versions, Bootkitty contains flaws and limitations in crucial functionality required for it to run in real-world infections on a wider based on machines. One imperfection resides in the way the bootkit modifies the decompressed Linux kernel. As shown in the chunk of Bootkitty code displayed below, once the kernel image is decompressed, Bootkitty simply copies the malicious patches to the hardcoded offsets within the kernel image. A chunk of Bootkitty code Credit: ESET The result: due to the lack of kernel-version checks in the function shown in [the figure above] Bootkitty can get to the point where it patches completely random code or data at these hardcoded offsets, thus crashing the system instead of compromising it, ESET researchers explained.Additionally, the inability to defeat Secure Boot limits infection opportunities to devices that (1) dont enable the defense or (2) have already been compromised by the same attacker to install a self-signed cryptographic certificate. Further, Bootkitty leaves a trail of artifacts behind that make discovery relatively easy. That undermines a key bootkit advantage: stealth.As ESET notes, the discovery is nonetheless significant because it demonstrates someonemost likely a malicious threat actoris pouring resources and considerable know-how into creating working UEFI bootkits for Linux. Currently, there are few simple ways for people to check the integrity of the UEFI running on either Windows or Linux devices. The demand for these sorts of defenses will likely grow in the coming years.Dan GoodinSenior Security EditorDan GoodinSenior Security Editor Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him at here on Mastodon and here on Bluesky. Contact him on Signal at DanArs.82. 21 Comments Prev story

Shake a tail feather Teaching a drone to fly without a vertical rudder We can get a drone to fly like a pigeon, but we needed to use feathers to do it. Jacek Krywko Nov 27, 2024 1:08 pm | 9 Pigeons manage to get vertical without using a vertical tail. Credit: HamidEbrahimi Pigeons manage to get vertical without using a vertical tail. Credit: HamidEbrahimi Story textSizeSmallStandardLargeWidth *StandardWideLinksStandardOrange* Subscribers only Learn moreMost airplanes in the world have vertical tails or rudders to prevent Dutch roll instabilities, a combination of yawing and sideways motions with rolling that looks a bit like the movements of a skater. Unfortunately, a vertical tail adds weight and generates drag, which reduces fuel efficiency in passenger airliners. It also increases the radar signature, which is something you want to keep as low as possible in a military aircraft.In the B-2 stealth bomber, one of the very few rudderless airplanes, Dutch roll instabilities are dealt with using drag flaps positioned at the tips of its wings, which can split and open to make one wing generate more drag than the other and thus laterally stabilize the machine. But it is not really an efficient way to solve this problem, says David Lentink, an aerospace engineer and a biologist at the University of Groningen, Netherlands. The efficient way is solving it by generating lift instead of drag. This is something birds do.Lentink led the study aimed at better understanding birds rudderless flight mechanics.Automatic airplanesBirds flight involves near-constant turbulenceWhen they fly around buildings, near trees, near rocks, near cliffs, Lentink says. The leading hypothesis on how they manage this in a seemingly graceful, effortless manner was suggested by a German scientist named Franz Groebbels. He argued that birds ability relied on their reflexes. When he held a bird in his hands, he noticed that its tail would flip down when the bird was pitched up and down, and when the bird was moved left and right, its wings also responded to movement by extending left and right asymmetrically. Another reason to think reflexes matter is comparing this to our own human locomotionwhen we stumble, it is a reflex that saves us from falling, Lentink claims.Groebbels intuition about birds reflexes being responsible for flight stabilization was later backed by neuroscience. The movements of birds wings and muscles were recorded and found to be proportional to the extent that the bird was pitched or rolled. The hypothesis, however, was extremely difficult to test with a flying birdall the experiments aimed at confirming it have been done on birds that were held in place. Another challenge was determining if those wing and tail movements were reflexive or voluntary.I think one pretty cool thing is that Groebbels wrote his paper back in 1929, long before autopilot systems or autonomous flight were invented, and yet he said that birds flew like automatic airplanes, Lentink says. To figure out if he was right, Lentink and his colleagues started with the Groebbelss analogy but worked their way backwardthey started building autonomous airplanes designed to look and fly like birds.Reverse-engineering pigeonsThe first flying robot Lentinks team built was called the Tailbot. It had fixed wings and a very sophisticated tail that could move with five actuated degrees of freedom. It could spreadfurl and unfurlmove up and down, move sideways, even asymmetrically if necessary, and tilt. It could do everything a birds tail can, Lentink explains. The team put this robot in a wind tunnel that simulated turbulent flight and fine-tuned a controller that adjusted the tails position in response to changes in the robots body position, mimicking reflexes observed in real pigeons.We found that this reflexes controller that managed the tails movement worked and stabilized the robot in the wind tunnel. But when we took it outdoors, results were disappointing. It actually ended up crashing, Lentink says. Given that relying on a morphing tail alone was not enough, the team built another robot called PigeonBot II, which added pigeon-like morphing wings.Each wing could be independently tucked or extended. Combined with the morphing tail and nine servomotorstwo per wing and five in the tailthe robot weighed around 300 grams, which is around the weight of a real pigeon. Reflexes were managed by the same controller that was modified to manage wing motions as well.To enable autonomous flight, the team fitted the robot with two propellers and an off-the-shelf drone autopilot called Pixracer. The problem with the autopilot, though, was that it was designed for conventional controls you use in quadcopter drones. We put an Arduino between the autopilot and the robot that translated autopilot commands to the morphing tail and wings motions of the robot, Lentink says.The Pigeon II passed the outdoor flying test. It could take off, land, and fly entirely on its own or with an operator issuing high-level commands like go up, go down, turn left, or turn right. Flight stabilization relied entirely on bird-like reflexes and worked well. But there was one thing electronics could not re-create: their robots used real pigeon feathers. We used them because with current technology it is impossible to create structures that are as lightweight, as stiff, and as complex at the same time, Lentink says.Feathery marvelsBirds feathers appear simple, but they really are extremely advanced pieces of aerospace hardware. Their complexity starts with nanoscale features. Feathers have 10-micron 3D hooks on their surface that prevent them from going too far apart. It is the only one-sided Velcro system in the world. This is something that has never been engineered, and there is nothing like this elsewhere in nature, Lentink says. Those nanoscale hooks, when locked in, can bear loads reaching up to 20 grams.Then there are macroscale properties. Feathers are not like aluminum structures that have one bending stiffness, one torque stiffness, and thats it. They are very stiff in one direction and very soft in another direction, but not soft in a weak waythey can bear significant loads, Lentink says.His team attempted to make artificial feathers with carbon fiber, but they couldnt create anything as lightweight as a real feather. I dont know of any 3D printer that could start with 10-micron nanoscale features and work all the way up to macro-scale structures that can be 20 centimeters long, Lentink says. His team also discovered that pigeons feathers could filter out a lot of turbulence perturbations on their own. It wasnt just the form of the wing, Lentink claims.Lentink estimates that a research program aimed at developing aerospace materials even remotely comparable to feathers could take up to 20 years. But does this mean his whole concept of using reflex-based controllers to solve rudderless flight hangs solely on successfully reverse-engineering a pigeons feather? Not really.Pigeon bombers?The team thinks it could be possible to build airplanes that emulate the way birds stabilize rudderless flight using readily available materials. Based on our experiments, we know what wing and tail shapes are needed and how to control them. And we can see if we can create the same effect in a more conventional way with the same types of forces and moments, Lentink says. He suspects that developing entirely new materials with feather-like properties would only become necessary if the conventional approach bumps into some insurmountable roadblocks and fails.In aerospace engineering, youve got to try things out. But now we know it is worth doing, Lentink claims. And he says military aviation ought to be the first to attempt it because the risk is more tolerable there. New technologies are often first tried in the military, and we want to be transparent about it, he says. Implementing bird-like rudderless flight stabilization in passenger airliners, which are usually designed in a very conservative fashion, would take a lot more research, It may take easily take 15 years or more before this technology is ready to such level that wed have passengers fly with it, Lentink claims.Still, he says there is still much we can learn from studying birds. We know less about birds flight than most people think we know. There is a gap between what airplanes can do and what birds can do. I am trying to bridge this gap by better understanding how birds fly, Lentink adds.Science Robotics, 2024. DOI: 10.1126/scirobotics.ado4535Jacek KrywkoAssociate WriterJacek KrywkoAssociate Writer Jacek Krywko is a freelance science and technology writer who covers space exploration, artificial intelligence research, computer science, and all sorts of engineering wizardry. 9 Comments Prev story

Nathan Eddy, Freelance WriterNovember 27, 20245 Min ReadCienpies Design via Alamy StockAs IT pros prepare for the demands of 2025, top certifications in cloud computing, security, and data management come bundled with impressive salaries as businesses embrace multi-cloud infrastructure, advanced IT security, and AI.A Skillsoft report suggests certified professionals frequently hold management roles, with nearly one in five tech leaders reporting that certified employees bring an additional $30,000 or more in value annually to their organizations.The study put the AWS Certified Security - Specialty role in the top spot, with certified professionals earning over $200,000 annually -- a notable $40,000 increase from last year.Other high-ranking certifications include Google Clouds Professional Cloud Architect, with average earnings just above $190,000, and the Nutanix Certified Professional in Multicloud Infrastructure at $175,000.The report indicated security credentials continue to hold value, particularly with the CCSP (Certified Cloud Security Professional) and Cisco Certified Network Professional - Security certifications, which bring in averages of $171,000 and $168,000, respectively.These credentials focus on managing risk, ensuring data privacy, and securing IT infrastructure, key areas as companies work to support new deployments in a rapidly evolving digital landscape.Related:Skillsoft CIO Orla Daly says it was no surprise that security certifications, particularly AWS, are at the top, given the increasing number of cyber threats companies are dealing with.There continues to be a growingrecognitionof the importance of cybersecurity in today's digital landscape, she says via email.She points out both cloud and infrastructure certifications made the list again, an unsurprising result consideringthe meteoric rise of AI across industries.Cloud and infrastructure are expected to see significant growth as thebackbone to take advantage of AI and drive increasedautomation, Daly says.Daly notes that while Skillsofts list doesnt contain any AI-specific certifications, those in security, privacy, cloud, and infrastructure all play essential roles in supporting AI tools.In the certification world, it often takes time for certifications to gain traction, she explains.Right now, what is being seen in areas like AWS Security at the top is that organizations are still preparing for large-scale AI rollouts.Ultimately, its a mix of certifications being a bit slower to evolve and adjacent skills rising in criticality, Daly says.Related:Certifications: More Important Than EverFrom the perspective of Kausik Chaudhuri, CIO at Lemongrass, certifications are more important now than theyve ever been.The report makes it clear that professionals and employers are placing greater value on these credentials, he says via email.For employees, having certifications is a surefire way to boost salary potential and job performance and companies see certified employees as more productive and efficient.He adds that having certifications can mean an increase in salary and job security for an employee.Its more than just a resume booster though -- it's about keeping your skills relevant and showing your worth in todays competitive market, Chaudhuri says.Daly notes certifications are not just a testament to one's knowledge but also a commitment to continuous learning and staying updated with the latest technologies.The value of certifications in todays workplace lies in the need for specialized skills and the assurance that certified individuals bring to a role, Daly says.She adds that hiring practices are changing with a noticeable move toward skills-based hiring -- approach focusing on the specific skills and competencies that candidates bring to the table.Related:They are then matched organizational and positional needs, rather than solely on their educational background or previous job titles.The combination of evolving attitudes towards certifications and the move towards skills-based hiring reflects a broader trend in the job market, where tangible achievements and recognized credentials are highly valued, Daly says.Executive Buy-In, Career Growth FocusPaul Farnsworth, CTO of DHI Group, says the knowledge required to earn certifications can prove invaluable to an organization.Tech professionals interested in securing executive buy-in for the time and funds necessary to earn certifications should explain to their managers that the knowledge will ultimately make them more effective team members, he says.For example, a tech professional interested in securing AWS or Azure certifications could suggest that doing so will allow them to better operate the organizations cloud infrastructure.Managers are always interested in moves that will prove a net positive for their organizations effectiveness--and bottom line, he says.To get executive buy-in for funding or time off for certifications, Chaudhuri says its important to show how these new skills align with the companys goals.Point out how these certifications can tackle key challenges, fill skills gaps, or advance important projects like AI initiatives, he says.It also helps to have some data ready to prove the productivity and cost benefits.Pitch it as a smart investment for the company and suggest a plan that wont interfere with day-to-day responsibilities, he explains.Finding the Right Career CertsChaudhuri says figuring out which certifications and skills to pursue for career growth doesnt have to be overly complicated -- start by looking at whats hot in the industry, for example cloud computing, AI, or cybersecurity.Check job listings for roles youre interested in to see what credentials employers are seeking, he says. Talking to peers, mentors, or industry leaders can give you a better idea of whats worth pursuing.Farnsworth says by taking a strategic approach that combines personal goals with real-time industry insights, IT professionals can select certifications that will propel their careers forward while remaining adaptable to industry changes.He adds that by connecting with others in their desired field, IT professionals can gain an understanding of the types of skills or certifications that add value and those that may be unnecessary.Mentorship can also guide them towards the skills they might need that go beyond formal qualifications, Farnsworth says.About the AuthorNathan EddyFreelance WriterNathan Eddy is a freelance writer for InformationWeek. He has written for Popular Mechanics, Sales & Marketing Management Magazine, FierceMarkets, and CRN, among others. In 2012 he made his first documentary film, The Absent Column. He currently lives in Berlin.See more from Nathan EddyNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeReportsMore Reports

John Edwards, Technology Journalist & AuthorNovember 27, 20245 Min ReadOleCNX via Alamy Stock PhotoAn IT project timeline that's overly optimistic can lead to delays, cost overruns, missed opportunities and, in extreme instances, complete project failure. It can also make the project leader look weak or incompetent.While there are multiple ways to build a project timeline, keeping it simple by starting with the overarching scope and then breaking it down into individual smaller components is key, says Sathya Chandrasekar, a managing director with Deloitte Consulting, in an online interview.Sharif Naqib, senior director of project management and resourcing at IT consulting firm SADA, says the project sponsor must clearly understand the venture's value as well as key constraints, including timelines, scope, and budget. In an email interview, he advises project leaders to research ways to embrace enterprise and industry best practices and then build a draft timeline leveraging input from the team's subject matter experts.A quality project timeline will have deliverables and milestones with strict deadlines tied to them, says Mary Rivard, a partner with technology research and advisory firm ISG. "Milestones are critical, because they provide specific points within the project to measure progress and keep the team on track," she notes via email.Related:When planning, be sure to include time for business readiness, employee feedback, and training, Naqib advises. "Many project leaders leave time for quality assurance and solution testing but tend to underestimate the time it takes to prepare employees to work with and adjust to the new solution." Lacking this critical organizational change management component, the timeline may be thwarted by staff resistance and a lack of understanding, he warns.Ensuring AccuracyBuilding resilient project plans that can handle unforeseen, yet often inevitable changes, is key to ensuring timeline accuracy. "Understanding dependencies, identifying bottlenecks, and planning delivery around these constraints have shown to be important for timeline accuracy," Chandrasekar says.Project accuracy also depends on clear communication and tracking. "It's critical to consistently review timelines with your project team and stakeholders, making updates as new information is discovered," Naqib says. He adds that project timelines should be tracked with the support of a work management tool, such as SmartSheet or Jira, in order to measure progress and identify gaps.Yet even with perfect planning, unanticipated delays or changes may occur. Proper planning and communication are key to assuring timeline accuracy, says Anne Gee, director of delivery excellence for IT managed services at data and technology consulting firm Resultant. "During the planning phase, include buffer time, identify potential risks, and develop mitigation plans to handle delays proactively and stay on track," she advises via email.Related:Getting Up to SpeedLeaders often underestimate how long a task will take. "We think we can get something done fast and easily when the reality is that the solution is more complex," Gee observes. "Due to this mistaken thinking, project leaders often have overly optimistic timelines that don't account for resource constraints, potential delays, or unexpected challenges."Rivard believes that the biggest timeline mistakes include neglecting to clearly identify the project's scope and deliverables, not identifying and accounting for project dependencies, and failing to ensure that the necessary resources, with teams possessing the right skillsets, are available to work on the project.Getting Back on ScheduleProject delays are common and must be immediately addressed. The first step is to identify the cause of the delay so it can be effectively resolved, Gee says. The project leader will then need to determine whether additional resources are needed, or if resources must be reallocated to get the project back on schedule. "At the end of the day, extending the deadline may be necessary," she acknowledges.Related:To get a stalled project back on track, determine if the project scope can be revised or reduced, Rivard says. "Regardless of whether you're working toward [meeting] the original project scope or a reduced scope, you'll need to divide the remaining work into smaller tranches of prioritized tasks." She suggests assigning responsibility for the remaining tasks while reaffirming that the project has the appropriate skillsets available to accomplish its goals within the specified timeframe.The best way to get a lagging timeline back on schedule is to work with your project team to identify the root cause, Naqib advises. "Then, you can work with your team and your greater organization to explore possible resolution accelerators that will keep your timeline on track." He adds that resolution plans might include resequencing work, adding or subtracting the project's scope, adding or changing team members, or leveraging automation or existing code libraries to accelerate delivery.Parting ThoughtsStakeholder involvement should be encouraged throughout the project to ensure that their expectations align with the project timeline, Gee says. She also recommends documenting all decisions to prevent future confusion and errors. "Finally, don't forget to conduct a post-mortem after project completion to document any lessons learned -- especially as they relate to the timeline -- and store it where others can access it."About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeReportsMore Reports

The payload of a Near Space Labs balloon parachuting back to the groundNear Space LabsAutonomous balloons high in Earths atmosphere are taking incredibly detailed photos of neighbourhoods and individual homes in 28 US states, and from January 2025, they will be able to photograph the ground anywhere in the continental US. Such high-resolution aerial images can help those responding to climate-related natural disasters but they also raise privacy concerns.This is the first time ever that nationwide aerial imaging at this resolution 7 centimetres is accessible, says Rema Matevosyan, CEO and co-founder of the company behind

Leader and TechnologyRecent developments in AI and neurological research may prompt concern. However, placing outright bans on such research is unlikely to be the best solution - and may hold us back 27 November 2024 Yuichiro Chino/Getty ImagesIn 1818, Mary Shelley invented a technology that has been used for both good and ill in the centuries since. It is called science fiction.You may not think a literary genre counts as technology, but sci-fi stories have long been tools for predicting and critiquing science. Shelleys Frankenstein, regarded by many as the first true sci-fi novel, was powerful enough for South Africa to ban it in 1955. It set the formula with a tale that serves even today as a warning of unintended consequences.The precise science employed by the eponymous Victor Frankenstein in his creation isnt, as far as we know, possible. But researchers today are able to bring dead human brains back to something resembling life. Experiments are under way to resume cellular activity (but, crucially, not consciousness) after death to test the effects of treatments for the likes of Alzheimers disease (see The radical treatments bringing people back from the brink of death).AdvertisementIt is hard not to think of the many sci-fi tales dealing with similar scenarios and imagine what might happen next. The same is true of work reported in AI simulations of 1000 people accurately replicate their behaviour, in which researchers are using the technology behind ChatGPT to replicate the thoughts and behaviours of specific individuals, with startling success.The teams behind the work are blurring the lines of fact, fiction and what it means to be humanIn both cases, the teams behind this research, blurring the lines of fact, fiction and what it means to be human, are deeply aware of the ethical concerns involved in their work, which is being conducted with strong ethical oversight, and with its details made public at an early stage. But now that the technology has been demonstrated, there is nothing to stop more nefarious groups attempting the same, without oversight and with the potential to cause great harm.Does that mean the research should be banned, as Shelleys book was, for fear of it getting into the wrong hands? Far from it. Concerns about tech are best dealt with through appropriate, evidence-based regulation and swift punishment for transgressors. When regulators overreach, we miss out not only on the technology but the chance to critique and discuss it.Topics:

South Korean officials found that children's clothes from Temu and AliExpress contained toxic substances.Many fashion brands use toxic chemicals like PFAS and phthalates, which have come under increasing scrutiny.Consumers face less risk getting sick from these ingredients in clothing than textile plant workers do.Editor's note: This list was first published in August 2022 and has been updated to reflect recent developments.Chinese fast-fashion companies are coming under renewed scrutiny for toxic chemicals, a problem that has plagued the fashion industry globally.On Friday, Korean officials said they tested 26 pieces of children's winter wear from Temu, AliExpress, and Shein and found that seven contained toxic substances like phthalate plasticizers, lead, and cadmium.A children's jacket from Temu contained 622 times the legal limit for phthalate plasticizers, a chemical compound that makes plastics more flexible. Spokespeople for AliExpress and Temu said the products were removed, while a Shein spokesperson said the tested products were in compliance with regulations.This isnot the first time South Korea has found toxic chemicals in items from Chinese fast-fashion brands. In August, the Seoul Metropolitan Government found phthalates in some pairs of shoes, with one particular pair containing 229 times the legal limit. The same investigation revealed that sandal insoles sold by Temu contained 11 times more lead than legally permissible.And in an earlier investigation in May, Seoul officials said that they tested a pair of Shein shoes, and found that it contained 428 times the permitted levels of phthalates, according to theAFP.Experts said that many large clothing brands like Lululemon, Old Navy, and REI have been found to contain toxic chemicals in their clothes. While these chemicals are used at relatively low levels, exposure to toxic substances over time can elevate a person's risks of serious health conditions, such as asthma and kidney damage."It's not just people are exposed to one on a regular day," Alexandra McNair Quinn, a chemical sustainability consultant and founder of Fashion FWD, a nonprofit educating consumers about toxic chemicals in clothes, told BI in 2022. "It's the accumulation of all of these exposures in a regular day can be very harmful."Why chemicals are so pervasive in fashionThe use of chemicals like PFAS and lead is "fairly common" within the fashion industry, Marty Mulvihill, a general partner with Safer Made, a venture capital fund that invests in firms reducing exposure to harmful chemicals.Yoga pants and gym leggings sold by Lululemon and Old Navy contained PFAS, according to testing done by consumer health activist blogMamavation. Outdoor apparel brands Columbia, REI, and L.L. Bean received either a D or F grading for PFAS by Fashion FWD, a non-profit educating consumers about toxic chemicals in clothes.(In 2022, REI and L. L. Bean reiterated their commitment to product safety in statements to BI. Columbia, Lululemon, Old Navy, and Shein did not respond to BI's requests for comment at the time.)A 2012 sample of clothes from popular retailers detected phthalates in 31 garments, and lead had been found in baby bibs sold in Walmart and Babies R Us, BI previously reported.Quinn said manufacturers can add these chemicals to make them waterproof or stain-resistant, and soften ink on screen prints. Lead is sometimes found in low-cost pigments and inks, as well as zippers, and chromium can make leather more pliable.Exposure to toxic chemicals builds up over time Workers in clothing factories can suffer from skin and respiratory illnesses after exposure to toxic chemicals. Habibur Rahman / Eyepix Group/Future Publishing via Getty Images Exposure to substances like lead and phthalates may directly harm people manufacturing clothes more than consumers, said Scott Echols in 2022. Echols is a senior director at the ZDHC Foundation, which works with companies to limit their chemical footprint.The sustainable fashion analytics firm Common Objective estimated in 2018 that 27 million people working in fashion supply chains worldwide might suffer from work-related illnesses or diseases, including skin and respiratory conditions.Plus, the exposure to toxic chemicals builds up over time, Quinn said. Not only are these chemicals in clothing, they exist in our food, water, makeup, and personal care products."PFAS don't just go away, they're around for very, very long time and they're very harmful to the environment and to human health," Quinn said. "The government needs to develop a preventative approach where products don't go on the market until they're proven safe."How to spot chemicals in clothes, including lead, flame retardants, and 'forever chemicals'Quinn told BI that toxic chemicals used to make clothes include:Chromium, used in leather products that can weaken the immune system and lead to liver and kidney damage.Phthalates, which are used to soften the ink on screen prints. BI's Andrea Michelson reported phthalates has been linked to early deaths in American adults, especially due to heart disease, and can disrupt the body's hormones.Brominated flame retardants, which are sometimes found in children's pajamas to protect them from house fires. These chemicals, which are banned in Europe, can change thyroid functions and shift the way the body processes fats and carbs. Researchers are studying whether a link exists between flame retardant exposure and ADHD, BI previously reported.PFAS, also known as "forever chemicals," are a group of lab-grown chemicals that don't break down in the environment and are linked to a host of health conditions like liver damage, asthma, and chronic kidney disease. The substance is water resistant and can be found in waterproof or stain-resistant gear, Quinn said.Lead, a low-cost pigment or sometimes used as a cheap metal for zippers. Significant childhood lead exposure can lead to long-term developmental problems.How to avoid chemicals in clothesWashing new clothing is an important step in reducing residual substances, including potential toxins. Use hot water if the clothes' instructions allow it.To avoid purchasing clothing with PFAS, check your label for materials like Gore-Tex or Teflon, which could signal that the chemicals were used in the fabric. But the bigger concern is how those clothes affect the world around us."The biggest issue associated with consumer products isn't necessarily the direct exposure that we get from the products, but what gets released into the environment when those products are produced," Jamie DeWitt, the director of the Environmental Health Sciences Center at Oregon State University, told BI in 2019.In 2023, Laura Hardman, then the director of the Ocean Wise Plastic Initiative at the Ocean Wise Plastic Lab in Vancouver, Canada, told BI that she buys clothing made from natural fibers and dyes for her and her child."A lot of people make sure their babies' clothes are organic, cotton, and made with child-friendly dyes, but they're not aware of their own clothing. Your baby is probably sucking on your clothes more than she's sucking on hers," said Hardman, who now works with Dubai-based consultancy Sustainability Excellence.

Christian Louboutin made one key change to the iconic red soles from his namesake brand for Taylor Swift.Louboutin told InStyle he used rubber soles instead of leather for Swift's Eras Tour shoes.The shoe designer previously said he had crafted 250 pairs of shoes for the singer to wear on her tour.Taylor Swift's Eras Tour shoes were made for walking, running, and jumping regardless of the weather. After all, the show must go on.In an interview with InStyle published on Wednesday, shoe designer Christian Louboutin said that he made one key change to his iconic red soles when creating footwear for the singer on her tour."Weather is unpredictable," Louboutin told InStyle. "However, each pair is crafted with a signature red rubber sole, which makes it easy to dance."The shoe brand's iconic red soles are usually made from leather and painted with a special red lacquer, per Louboutin's website.The designer added that he typically uses rubber soles when designing shoes for musicians on their tours, as this ensures that the shoes can withstand performances night after night.The designs of Swift's Eras Tour shoes were inspired by the singer's past looks, and were the result of a collaborative effort between Swift, her stylist Joseph Cassell, and himself, Louboutin said."Each pair is made to fully allow for quick changes through the entirety of the show. As they are dancing for over three hours, comfort is also extremely important. So we incorporated sturdy block heels and also flats," Louboutin said.In November last year, one lucky Swiftie managed to snag an exclusive Eras Tour souvenir a bejeweled heel from one of the singer's Louboutin boots that had broken off while she was performing.In May, Louboutin told Vogue that he had designed 250 pairs of shoes for the superstar, including 60 new pairs for the European leg of her Eras Tour alone.Luxury cobblers previously told Business Insider that the "Cruel Summer" singer may have sparked an interest in Louboutins among Gen Z after donning the red soles on her tour."She's a big influencer in the brand and product," Pasquale Fabrizio, designer and owner of Pasquale Shoe Repair in Los Angeles, said. "Just endorsing it and wearing it allows the younger generation of girls to go after that look. She exemplifies fashion."Fabrizio added that he's seen more and more people come into his shop over the past few years to have their Louboutin shoes repaired.For reference, the brand's iconic stiletto pumps cost upward of $795, while boots cost upward of $1,195, per the brand's website.A representative for Swift did not immediately respond to a request for comment sent by Business Insider outside regular hours.