All kinds of questions here. Did Nokia tell the other phone
manufacturers who were leasing their software? Did the bad guys ever
modify the code? Should they have told their customers? Interesting
that in the “Age of Surveillance” the cops can't track whoever
picked up the cash. (Perhaps they should have put a phone in the
bag?)
Nokia 'paid millions to software blackmailers six years ago'
Finnish telecoms equipment company Nokia paid several million euros to
criminals who threatened to reveal the source code for part of an
operating system used in its smartphones some six years ago, Finnish
TV station MTV said on Tuesday.
The police confirmed to Reuters that they were investigating a case of
alleged blackmail and that the case was still open. Nokia was not
immediately available for comment.
… MTV said that the blackmailers had acquired [Interesting choice of
words... Bob] the encryption key for a core part of Nokia's Symbian
software and threatened to make it public. Had it done so anyone could
then have written additional code for Symbian including possible
malware which would have been indistinguishable from the legitimate
part of the software, MTV said.
After the blackmail attempt Nokia contacted the police and agreed to
deliver the cash to a parking lot in Tampere, central Finland. The
money was picked up but the police lost track of the culprits, MTV
said.
For my Computer Security students. It's far cheaper to put up a “This
site is secure” logo than to actually make the site secure.
However this only fools users, since hackers would never read it –
we find unsecured sites by running programs (called spiders) that
automate the search.
Lessons in insecure SSL courtesy of Hoyts cinemas
The law is clear and has been available for years. Funny how no one
cares until it hits the news.
Google and Facebook can be legally intercepted, says UK spy boss
UK intelligence service GCHQ can legally snoop on British use of
Google, Facebook and web-based email without specific warrants
because the firms are based
abroad, the government has said.
Classed as "external communications", such activity can be covered
by a broad warrant and intercepted without extra clearance, spy
boss Charles Farr said.
The policy was revealed as part of a legal battle with campaign group
Privacy International (PI).
…
However, he said data collected in this way "cannot be read,
looked at or listened to" except in strictly limited
circumstances.
…
Mr Farr says that actually reading or examining a Briton's
communications swept up in this way would still require a domestic,
more targeted warrant.
(Related)
Or until it's an election year.
Senators Ron Wyden, Mark Udall, and Rand Paul have jointly authored an op-ed
in the Los Angeles Times. They write, in part:
Although the bill approved by the House is intended to end bulk
collection, we are not at all confident that it would actually do so.
The bill would require the government to use a “selection term”
to secretly collect records, but the definition of “selection term”
is left vague enough that it could be used to collect all of the
phone records in a particular area code or all of the credit card
records from a particular state. Meanwhile, the bill abandons nearly
all of the other reforms contained in the Senate version of the USA
Freedom Act, while renewing controversial provisions of the Patriot
Act for nearly three more years.
This is clearly not the meaningful reform that Americans have
demanded, so we will vigorously oppose this bill in its current form
and continue to push for real changes to the law. This firm
commitment to both liberty and security is what Americans —
including the dedicated men and women who work at our nation’s
intelligence agencies — deserve. We will not settle for less.
Read the op-ed on the L.A. Times.
Tools & Techniques. Remember the old (in Internet years) saying:
practice “Safe Hex!” Perhaps you should buy one for your CEO and
other travelers?
Gear to Block ‘Juice Jacking’ on Your Mobile
…
Juice-jacking as a threat probably first crept into the collective
paranoia of gadget geeks in the summer of 2011, after I wrote a story
about two researchers at the DefCon hacker convention in Vegas who’d
set up a mobile charging station designed to educate the unwary to
the fact that many mobile devices (particularly Apple devices) are
set up to connect to a computer and immediately sync data.
Their proof-of-concept was a reminder that in the (admittedly unlikely)
event that a clever attacker managed to hide a small computer inside
of a USB charging kiosk, he might be able to slurp up your device’s
data.
Since that story, several products have sprung up to help minimize such
threats. These small USB pass-through devices are designed to allow
charging yet block any data transfer capability. The two products
I’ve been using over the past few months include the “USB Condom”
and a device called the “Juice-Jack Defender.”
USB Condom http://www.usbcondoms.com/
Juice-Jack Defender http://www.chargedefense.com/
...and our government is making it mandatory! How wonderful.
How the U.S. Health Care System Compares Internationally
by Sabrina I. Pacifici on June 17, 2014
The Commonwealth Fund: “The United States health care system is the
most expensive in the world, but this report and prior editions
consistently show the U.S. underperforms
relative to other countries on most dimensions of performance. Among
the 11 nations studied in this report—Australia, Canada, France,
Germany, the Netherlands, New Zealand, Norway, Sweden, Switzerland,
the United Kingdom, and the United States—the U.S. ranks last, as
it did in the 2010, 2007, 2006, and 2004 editions of Mirror, Mirror.
Most troubling, the U.S. fails to achieve better health outcomes
than the other countries, and as shown in the earlier editions, the
U.S. is last or near last on dimensions of access, efficiency, and equity.
In this edition of Mirror, Mirror,
the United Kingdom ranks first, followed closely by Switzerland.”
“Hey, he looked suspicious!”
Last Friday, Judge Sullivan (D.D.C.) dismissed
Meshal v. Higgenbotham, a long-outstanding Bivens
suit brought by a U.S. citizen who alleged that, while travelling in
the Horn of Africa, he was detained for four months, interrogated,
and tortured at the direction of–and by–U.S. government officials
(tellingly, the government did not claim that the alleged conduct was
constitutional). In a thoughtful 37-page opinion setting forth his
reasons for dismissing the case, Judge Sullivan offered a fairly
candid (and, in my view, accurate) explanation for why Meshal
couldn’t recover for conduct that, if proven, would unquestionably
constitute “appalling (and, candidly, embarrassing)” violations
of his constitutional rights: In a nutshell, it’s the Fourth,
Seventh, and D.C. Circuits’ fault.
Tools & Techniques: for lawyers and my Criminal Justice students.
New Way to Look at Law, With Data Viz and Machine Learning
by Sabrina I. Pacifici on June 17, 2014
Wired – [snipped] “As its creators [Daniel Lewis and Nik Reed] see it,
Ravel’s visual search offers myriad improvements over the old columns of text
results. It better lets you see how cases evolved over time, and
potentially lets you see outliers that could be useful in crafting an
argument–cases that would languish at the bottom of a more
traditional search. The visualization, Reed insists, “tells a lot
more of the story of law than the rank ordered list.” (That might
be true. When they first showed their visual search to a veteran
judge, he looked at the complex map of circles and responded: “This
is how my brain works!”).
- Note – there is a free and a premium version for subscribers. See Robert Ambrogi’s profile of the company to understand more about this new generation of visualization and relational context for online legal research. Ravel’s footprint is still small in comparison to those of LexisNexis and Westlaw, but relevancy is based on deliverables. The very scope of “searching” has transcended the linear into an often overwhelming realm of big data, analysis and visualizations that provides altogether different kinds of “results” to “queries.” These are indeed interesting times, and the legal community is the beneficiary of innovative, results driven technology solutions such as this one.
Is this strategy defensible? Can the lawsuits possibly cost less than
the profits? I guess they couldn't work deals with the “New Music”
bloggers who have huge followings, so they must have said, “Let's
see if we can replicate Apple's mistakes in selling music and
Amazon's in selling books.” What they did say was, “Take it or
leave it.”
YouTube to block indie labels as it launches paid music service
YouTube is about to begin a mass cull of music videos by artists including
Adele and the Arctic Monkeys, after a number of independent record
labels refused to sign up to the licensing terms for its new
subscription service.
The Google-owned company will start blocking videos “in a matter of
days” to ensure that all content on the new platform is governed by
its new contractual terms, said Robert Kyncl, YouTube’s head of
content and business operations.
Google’s decision to press ahead without some of the best-known artists shows
its determination to enter the fast-growing market for music
subscription services. Amazon last week launched its own service as
part of its Prime subscription bundle, while Apple last month
acquired Beats Music through its $3bn purchase of headphone maker
Beats Electronics.
Perspective.
Chili's Has Installed More Than 45,000 Tablets in Its Restaurants
A suggestion for my students. It might be amusing to write an App to
pull all of this data into one file. Be sure to keep a defibrillator
handy if you show the results to your CEO.
How Much Does Google Really Know About You?
For my students who research. Kinda-sorta like electronic Xeroxing.
Never Lose That Webpage Again: 6 Ways To Read It Later On Any Platform
There’s one HUGE problem with Internet bookmarks: if the website goes down or
you have no web access, you’re out of luck. Few things are more
frustrating than needing a bookmark only to find there’s nothing
you can do to visit it. Rest assured, however, because there’s a
handy solution.
Instead of bookmarking a web page, consider archiving it. If you download
and store a local copy of the web page, you can access it whenever
you want – even if the site itself goes down. The downside is that
archives use more hard drive space than bookmarks do, but the
trade-off is well worth it.
Something to tease my Math students with...
Monkeys Can Do Math
…
Rhesus macaques that have been trained to associate numerical values
with symbols can get the answer right, even if they haven’t passed
a math class. The finding doesn’t just reveal a hidden talent of
the animals—it also helps show how the mammalian brain encodes the
values of numbers.
Previous research has shown that chimpanzees can add single-digit numbers.
But scientists haven’t explained exactly how, in the human or the
monkey brain, numbers are being represented or this addition is being
carried out. Now, a new study helps begin to answer those questions.
Food for thought. This is what makes changing the “Culture” of an
organization so difficult.
Strategy Isn’t What You Say, It’s What You Do
You sometimes hear managers complain that their organization has no
strategy. This isn’t true. Every organization has a strategy: its
strategy is what it does. Think about it. Every organization
competes in a particular place, in a particular way, and with a set
of capabilities and management systems — all of which are the
result of choices that people in the organization have made and are
making every day.
When managers complain that their company’s strategy is ineffectual or
non-existent, it’s often because they haven’t quite realized that
their strategy is what they’re doing rather than what their bosses
are saying.