Monday, June 02, 2014
Hit them where they ain't looking.
Windows PowerShell Increasingly Abused by Attackers
Windows PowerShell is a task-based command line shell and scripting language that enables IT teams to control and automate the administration of the operating system and applications. Built on the .NET Framework, the tool is available for all current versions of Windows, and it has been included by default starting with Windows 7.
Experts believe cybercriminals are increasingly relying on PowerShell because this is not a common technique and IT administrators who are usually on the lookout for malicious binaries might overlook threats that abuse the scripting tool.
Perspective, and a warning.
Business Adapts to a New Style of Computer
Are companies ready for billions of everyday objects to join the Internet? MIT Technology Review - Antonio Regalado on May 20, 2014.
“The Internet of Things is especially important for companies that sell network equipment, like Cisco Systems. Cisco has been enthusiastically predicting that 50 billion “things” could be connected to communications networks within six years, up from around 10 billion mobile phones and PCs today (see “Silicon Valley to Get a Cellular Network, Just for Things”). Another beneficiary is the $300 billion semiconductor industry. As Blaauw notes, “Every time there has been a new class of computing, the total revenue for that class was larger than the previous ones. If that trend holds, it means the Internet of things will be bigger yet again.” But every shift promises pain, too. Large companies like Intel are already reeling from the rapid emergence of smartphones. Intel, with its powerful, power-hungry chips, was shut out of phones. So was Microsoft. Now both these companies, and many others, are groping to find the winning combination of software, interfaces, and processors for whatever comes next.”
The Economics of the Internet of Things
Government by magic? Regulating without regulations?
A number of people were hopeful that the FTC would disclose more information about its data security standards in testimony to be provided by Daniel Kaufman, Deputy Director of the FTC’s Bureau of Consumer Protection, in FTC v. LabMD.
If you were expecting new insights, however, you will likely be disappointed. Rather than having Kaufman testify last week during the hearing before Administrative Law Judge Chappell, both LabMD and the FTC agreed to simply enter Kaufman’s deposition into the record.
So what was in his deposition? Here’s a sample exchange.
… The short version: for pretty much every aspect of the complaint in paragraph 10, Kaufman testified that the FTC had communicated that standard via its speeches, business guidance documents, testimony to Congress, and previous settlements, but he would not go so far as to say whether LabMD could have violated any of those standards and still be found to have complied with “reasonableness” under Section 5.
So where does that leave entities? It seems that we all must follow all of the FTC’s speeches, blog entries, and testimony to Congress, in addition to reading all of their settlements and closing letters if we want to deduce what all the standards are that we must comply with to stay on the safe side of the FTC.
… I’ve uploaded the second day of Kaufman’s deposition here (pdf), if you’d like to read it in its entirety.
Perhaps we could build one like this for the FTC?
New on LLRX – World leading online privacy law library gets big increase in capacity
The International Privacy Law Library on WorldLII has been expanded. The Library’s 32 databases include about 3,600 decisions of 13 privacy and data protection authorities, from New Zealand, Ireland, the United Kingdom, Hong Kong, Australia, Korea, Macau, Mauritius, the United States and the European Union.
This could get really messy.
Google's 'Right To Forget' Approach Should Not Be Leveraged By The Music Industry
Following the EU ruling on the principle of a ‘right to be forgotten’ by a search engine, Google has put in place their “initial effort” to comply with the ruling. Critics of Google in the music industry are looking at the reaction to the ruling, and are hoping to use it to bolster their arguments that the Mountain View based company should do more to police their search engine results.
… In a sense a link to something that could damage an individual is now beginning to be treated in the same way as a link to something that could damage the value of a copyrighted piece of media.
This has not stopped the music industry pointing out the ‘right to forget’ process to strengthen their argument that Google should be determining the legality of content not held on Google’s servers. Geoff Taylor is the Chief Executive of the BPI, the UK’s trade body for the music industry. Quoted in The Guardian, he makes the case that Google should be more proactive in dealing with outbound links from the search engine.
“It’s ‘Don’t be Evil’ 101,” says Geoff Taylor, chief executive of the music industry’s trade body, the BPI. “The principle at stake here is when you know someone is acting illegally, you shouldn’t continue helping them by sending them business.”
For me, the key part of the quote here is “when you know someone is acting illegally”. Computers must follow hard and fast rules; they are not very good at judgement calls. Google cannot yet automatically decide with certainty if something it is linking to is ‘fair use’, ‘parody’, or ‘breaking copyright’.
The music industry and Google have a long antagonistic relationship with each other around linking to potentially copyrighted material. The EU ruling around the ‘right to be forgotten’ is an important social issue that generates differing viewpoints on either side of the Atlantic that needs to be addressed. It should not be used in the continued debate around linking to material that may or may not be breaking copyright.
Question: How does political fund raising impact regulation? Also note that “creating” a channel to politicians does not ensure that it will be used, by either end of the “conversation.”
Social Media #FTW!: The Influence of Social Media on American Politics
Via LLRX - Thesis submitted to Johns Hopkins University in conformity with the requirements for the degree of Master of Arts in Government by Kenneth Scott Ames
Social Media #FTW!: The Influence of Social Media on American Politics – Abstract: “Social media has transformed politics in America. Its effect has impacted the way candidates campaign for the presidency, Members of Congress operate their offices, and advocacy organizations communicate with policymakers and supporters. Social media allows politicians and organizations a method to connect directly and without filters with people across the country, assemble a constituency, and solicit their support at a reduced cost and greater reach than traditional media. Social media is not simply the next in a line of communications technologies: it has changed everyday activities and connected people in a manner never before possible. The rise of smartphone technology has enabled this trend since people can access the Internet almost anywhere making a mobile device a potential organizing and fundraising tool. Social media has transformed politics in America because it creates an instantaneous multi-directional public dialogue that offers the ability to rapidly analyze the data and learn from the findings on an unprecedented scope.”
For my Ethical Hackers. Hack one, hack them all.
Google to launch 180 satellites in $1bn plan to cover the unwired
Google will spend north of $1bn to launch a fleet of 180 satellites to blanket unwired parts of earth with internet access, according to the Wall Street Journal.
While details of the project are subject to change, people familiar with Google's satellite plans told the paper the project will start with 180 small, high-capacity satellites that orbit lower than typical satellites.
Perspective. I never would have guessed... (Very strange headline)
This Is The Most Commonly Spoken Language Spoken In Your State
The handy map below takes a look at the most common languages spoken at home, other than Spanish or English.
Amusing and potentially very scary.
– is a site that offers human-sized photos. They are called Engineer Prints because the prints are made on industrial printers typically used for architectural and engineering work. Your photo will be printed in halftone black and white ink on extra-light 20lb bond at a whopping 4 feet wide. Once it’s done it ships free, rolled nice and neat for just $40.
My students think “Free is Good!” I hardly had to train them at all. I list the ones I like.
6 Ways You Can Use Microsoft Office Without Paying For It
Microsoft Office remains the gold standard in office applications. Sure, Office alternatives exist, but Microsoft’s file formats dominate. People with access to Office tend to have an easier time than those who lack it, because while alternatives like LibreOffice can export to .doc or .xls, the formatting isn’t 100% compatible.
Microsoft itself offers a collection of free Office utilities formerly known as Office Web Apps and now called Office Online. They are essentially browser-based versions of the latest Office suite. You can use Word, Excel, and PowerPoint without paying a dime.
Ask Your School Or Employer
Many companies offer a low-cost or no-cost version of Office for a fairly obvious reason; the people working or studying there need it. Academic institutions often participate in Microsoft’s DreamSpark program (formerly MSDNAA), allowing them to offer professional software to their students and employees for free.