Probably more hype, since “Cyber War”
looks like the easiest way to get a larger Defense budget. However,
in a globally connected world, a well funded (state sponsored?)
hacker could shut down the economy of one or several countries by
disabling infrastructure. Think not? Look at New Jersey.
"Blake Clayton with an
excellent piece on the
cyber threat to the global oil supply.
His description of the August attack on Saudi Aramco, which rendered
thirty
thousand of its computers useless, helps
make his point. From the article: 'The future of energy insecurity
has arrived. In August, a devastating cyber attack rocked one of the
world’s most powerful oil companies, Saudi Aramco, Riyadh’s
state-owned giant, rendering thirty thousand of its computers
useless. This was no garden-variety breach. In the eyes of U.S.
defense secretary Leon Panetta, it was “probably the most
destructive attack that the private sector has seen to date.”'"
(Related) If you want to own/destroy
infrastructure, you should be practicing... A real concern would be
evidence that an actor could control the attack well enough to select
specific targets.
"We hear a lot about
vulnerabilities in industrial control system (ICS) software. But
what about real evidence
of compromised SCADA and industrial control systems?
According to security researcher Michael Toecker, a consultant at
the firm Digital Bond, the evidence for infected systems with links
to industrial automation and control systems is right under our eyes:
buried in public support forums.
Toecker audited support sites like bleepingcomputer.com, picking
through data dumps from free malware scanning tools like HijackThis
and DDS. He found scans of infected systems that were running
specialized ICS software like Schweitzer Engineering Labs (SEL)
AcSELerator Software and GE Power's EnerVista Software (used to
configure GE electric power protection products). The infected end
user systems could be the pathway to compromising critical
infrastructure, including electrical infrastructure. 'With access to
a protection relay through a laptop, a malicious program could alter
settings in the configuration file, inject bad data designed to halt
the relay, or even send commands directly to the relay when a
connection was made,' Toecker wrote."
Is DHS the best place for this?
Granted there is a possibility that terrorists could use a bio
weapon, but would TSA-like screeners every detect it? More likely,
this is a foot in the door of “Ubiquitous Social Media Monitoring”
"Nextgov reports 'The Homeland
Security Department has commissioned Accenture to test technology
that mines
open social networks for indications of pandemics, according to
the vendor.' This will kick off a year-long biosurveillance program,
costing $3 million, that will log trends in public health by looking
through public posts. This ties back to White House guidelines
released in July that ask federal agencies to 'Consider social media
as a force multiplier that can empower individuals and communities to
provide early warning and global situational awareness.'"
[From the article:
The business case for the new DHS
program has not been proved yet, Accenture officials acknowledged.
“Our pilot program seeks to prove this case,” said John
Matchette, Accenture managing director for U.S. public safety. “In
theory, social media analytics would have shown timely indicators for
multiple past biological and health-related events.”
In July, President Obama issued a
national
strategy for biosurveillance that directs federal agencies to
think outside the box in detecting incidents.
How the world sees Privacy?
Global
survey on Internet privacy and freedom of expression
… The publication also supplies
additional sources of reference for interested readers to use to
further investigate each of the subjects highlighted.
The publication explores a range of
issues, such as:
- threats to privacy that have developed through the Internet,
- international legal standards on privacy and responses to these emerging issues,
- complex intersections between the rights to privacy and freedom of expression,
- UNESCO recommendations to states and corporations for better practice,
- overview of literature, background material and tools on international and national policy and practice on privacy and freedom of expression on the Internet.
Download (English): Full
version Executive
summary
An interesting ethical question to kick
around. At what age should we stop holding Mon and Dad accountable?
Isn't this all “Public” and therefore open to a public reply?
… as a reflection of society too,
it wasn't surprising (sadly) that there was a significant
uptick in hate speech on Twitter as people
reacted to President Obama’s re-election.
… The “geography of information”
website FloatingSheep.org
aggregated some 400 racist tweets from Tuesday night, mapped them,
and compared states’ racist tweeting patterns. (Details on the
methodology are here.)
Rather than looking in aggregate at the
Twitter patterns, the Gawker
Media-owned website Jezebel called out by name
and Twitter handle many of the individuals who had tweeted racist
reactions to the President’s re-election, first with a gallery
highlighting some of the tweets and then with a
follow-up
story, tracking down some of these users’
identities.
Specifically, Jezebel re-published the
tweets, tracked down teens' locations and their schools, called those
schools and then published the schools’ responses (or lack
thereof).
… Responding to Jezebel's story,
GigaOm’s
Mathew Ingram questioned the decision to
publish the teens’ names, asking when and if it’s okay to
publicize this sort of “bad behavior” from teens:
Is New Zealand that mad at the US for
this bungled attempt to “enforce Copyright law?”
Kim
DotCom: New Zealand will be home to new MegaUpload site
New Zealand appears to be embracing Kim
DotCom and the service he's creating to replace MegaUpload.
DotCom announced on Twitter that his
new cloud-storage service will use a New Zealand-based domain:
Mega.co.nz. DotCom attempted to use
a domain name from the West
African country of Gabon, but that country's administration last
week ordered that the domain, Me.ga, be suspended.
DotCom didn't waste anytime finding a
new domain name.
Tools for serious writers... (Mac or
Windows)
'Scapple':
Very Interesting New Software From the Creator of Scrivener
I'll spare you my whole speech about
the inklings of another at-least-mini golden age of Interesting
Software, especially though not only for the Mac. I consider
Scrivener
the single most useful writing program I've ever come across; I'm
fascinated by Tinderbox
and TheBrain;
I have come to trust and rely on both Evernote
and DevonThink;
and so on
… I'll spare you that speech (and
you can see links to some past articles about Scrivener here)
so as to get right to the new program I want to mention. It is
called Scapple; it is from Literature and Latte, the small English
company that produces Scrivener; it's still in open beta; and it is
so easy to use and understand that you can very quickly grasp what it
might and might not do for you.
An explanation of the program is here;
it includes the link to download the beta version, which I'm not
giving you directly because I think it's worth reading the
background.
For my Computer Security geeks
Our infographic today is from Fixmo
and it shows the various “threats, vulnerabilities and risks with
mobile devices in enterprise”.
Not that my students would ever get
bored in class, but...
- Also read related article: How
To Schedule Recording A Radio Station On Windows Or Mac.
No comments:
Post a Comment