- Understanding Airport Security, Billy Rios, Director of Threat Intelligence, Qualys. August 2014.
Saturday, August 16, 2014
Eventually, Russia will be attacked – even if that attack takes place well inside the Ukraine.
The White House Has No Idea What's Going On With The Russian Convoy In Ukraine
Despite eyewitnesses seeing a column of Russian military vehicles crossing into Ukraine on Thursday that was reportedly attacked on Friday by the Ukrainian military, The White House released a statement saying it was "not currently in a position to confirm" this series of events.
… "Even as we work to gather information, we reiterate our concern about repeated Russian and Russian-supported incursions into Ukraine. Russia has no right to send vehicles, persons, or cargo of any kind into Ukraine, under any pretext, without the Government of Ukraine’s permission."
An Economic Explanation for Putin’s Recklessness
… What is Vladimir Putin to do? Boosting the economy would likely require reforms (opening up the energy industry to foreign investors, improving the business climate with a more reliable regulatory and legal climate) that would loosen his grip on power and at best result in a modest growth uptick — especially compared to those crazy leaps of a decade ago. So Putin has gotten his country into a scrap with Ukraine and the West that is probably depressing growth, but has also rallied the country’s people around him. And it’s unlikely to hurt the economy that much, write economists Clifford G. Gaddy and Barry W. Ickes in one of a pair of enlightening recent essays:
Security Theater “You can fool some of the people all of the time...”
Paper – TSA device flaws compromise airport security
Via FCW.com: “The cybersecurity vulnerabilities uncovered in a number of the Transportation Security Administration’s electronic security and personnel management devices are part of a growing problem for federal IT managers, according to the expert that discovered and reported the flaws. Billy Rios, director of threat intelligence at Qualys, a large security tech firm, presented a paper in early August at the Black Hat cybersecurity convention that showed electronic backdoors, hard-coded credentials and other fundamental security flaws in a number of the TSA’s detection, management and security devices.”
(Related) We must identify any security vulnerability that a moderately knowledgeable teenager could find – let alone well-funded terrorist organizations. What is the alternative? Ignore open doors into secret data files? “Gentlemen do not read other gentlemen's mail?” “Can't we all just get along?”
Report: British spy agency scanned for vulnerable systems in 32 countries
PCWorld via Mikael Ricknäs: “British intelligence agency GCHQ used port scanning as part of the “Hacienda” program to find vulnerable systems it and other agencies could compromise across at least 27 countries, German news site Heise Online has revealed. The use of so-called port scanning has long been a trusty tool used by hackers to find systems they can potentially access. In top-secret documents published by Heise on Friday, it is revealed that in 2009, GCHQ started using the technology against entire nations. One of the documents states that full scans of network ports of 27 countries and partial scans of another five countries had been carried out. Targets included ports using protocols such as SSH (Secure Shell) and SNMP (Simple Network Management Protocol), which are used for remote access and network administration. The results were then shared with other spy agencies in the U.S., Canada, the U.K., Australia and New Zealand. “Mailorder” is described in the documents as a secure way for them to exchange collected data. Gathering the information is only the first step, according to Heise Online. The documents also reveal “Landmark,” a program started by the Canadian spy agency CSEC to find what it calls ORBs (Operational Relay Boxes), which are used to hide the location of the attacker when it launches exploits against targets or steals data, Heise said. For example, during an exercise in February 2010, eight groups of three “network exploitation analysts” were able to find 3,000 potential ORBs, which could then potentially be used by CSEC.”
Perspective. Is Cable TV obsolete?
In a first, cable companies’ broadband subscriptions surpass TV subscriptions
A Record 300 Million Smartphones Shipped in Q2: IDC
… Shipments shot up 25.3 percent, from 240.5 million units a year ago. A major driver: the growing popularity of inexpensive smartphones that run Google's Android mobile operating system (OS).
If we no longer teach cursive, will these documents become another “lost language?”
Smithsonian Project Brings Rare Historical Documents Online for Public Access
FCW.com: “Volunteers are powering an effort by the Smithsonian Institution to create online, searchable versions of its vast collections of diaries, journals, biological specimens and other historical gems. After more than a year of testing, the project came out of beta Aug. 12, with officials inviting the public to join in the massive transcription and labeling effort. The Transcription Center attracted about 1,000 active volunteers during its testing phase, and that group has grown by more than 800 since the public launch, according to project coordinator Meghan Ferriter. Volunteers dive into a variety of projects, including transcribing texts that are often handwritten and occasionally in languages other than English. Volunteers also review submitted work before it is published.”
For my Ethical Hackers. The story of a hack – the potentials are limitless on the Internet of Things.
by Ramez Naam
[Download the PDF at: http://www.iftf.org/fileadmin/user_upload/downloads/th/4._Water_RamezNaam.pdf]
For my student gamers... (Also some cheap, but not free stuff)
App Store Animated Savings: Disney, Adventure Time & Powerpuff Girls [iOS Sales]
Rollercoaster Tycoon 4 Mobile ($0.99, now free)
Love Exploring? These RPGs Are Made For You
I often think of lists like this as checklists for my students.
10 Excuses That Unproductive People Come Up With
Laughter is the best medicine.
… “Education Department Awards 40 States, D.C., and the Virgin Islands $28.4 Million in Grants to Help Low-Income Students Take Advanced Placement Tests” – so congrats to the College Board that will profit handily (wink wink) from this boost.
… Meanwhile, the Republican National Committee has denounced the College Board for new frameworks it has issued for the AP US History exam, claiming it promotes a "radically revisionist view of American history that emphasizes negative aspects of our nation’s history while omitting or minimizing positive aspects."
… The Cape Henlopen School Board in Delaware has scrapped its summer reading list for incoming high school students. Originally the board chose to remove from the list The Miseducation of Cameron Post, a coming-of-age story about a gay teen in Montana. But when anti-censorship groups questioned that decision, the school board ditched the recommended reading list altogether. [Confirms my belief that School Boards don't understand how education works. Bob]