Consider:
The President was briefed on the JPMorgan hack and the potential
for damage was explained.
President
Barack Obama believes cyber terrorism is one of the biggest threats
to national security and says the White House is bracing for a
possible doomsday scenario if hackers can successfully penetrate
government and business computer systems, the FOX Business Network
has learned.
…
At the fundraisers, the president laid out what one person with
first-hand knowledge of the fundraising meetings called a “doomsday”
scenario if hackers can successfully gain entry into government
systems or breach security walls at major banks.
“The
president is worried that cyber
criminals could literally wipe out the identities of millions of
people through some breach of government systems and that
could lead to massive chaos,” this person said.
(Related)
The President is speaking hypothetically, DHS deals with actual
events.
Critical
Manufacturing Firm Hit by Sophisticated Threat Actors: DHS
Several
sophisticated threat groups have breached the systems of
a major critical manufacturing company, the Department of Homeland
Security (DHS) revealed last week in a report.
According
to the report,
which summarizes the Industrial Control Systems Cyber Emergency
Response Team's (ICS-CERT) activities in the second quarter of 2014,
the attackers had access to the unnamed manufacturing organization's
networks for
several months.
…
A
study
published this summer revealed that 70% of critical infrastructure
organizations had suffered at least one security breach that either
led to the disruption of operations or the loss of confidential
information.
The
DHS has been actively involved in the protection of critical
infrastructure, but the agency has also made some mistakes that could
have had serious consequences. In July, in response to a freedom of
information act (FOIA) request, the DHS mistakenly
released 840 pages of documents containing details on potentially
vulnerable critical infrastructure points across the U.S.
For
my Computer Security students. These are fun questions to ask your
managers. Tell them it is for a project at school.
Is
Your Company Ready for a Big Data Breach?
The
Second Annual Study on Data Breach Preparedness –
Ponemon Institute© Research Report – Sponsored by Experian® Data
Breach Resolution – Independently conducted by Ponemon Institute
LLC. Publication Date: September 2014.
“Data
breaches are increasing in frequency. Forty-three percent of
respondents say their companies had a data breach involving the loss
or theft of more than 1,000 records, an increase of 10 percent from
2013. Sixty percent of respondents say their companies have had more
than one breach. Last year, 52 percent of respondents said their
company had more than one breach. Current data breach preparedness
programs often fail to deal with all consequences of an incident.
Despite the increased existence of data response teams and plans in
organizations represented in this research, Figure 1 reveals 68
percent of respondents do not agree their company would know how to
deal with negative public opinion, blog posts and media reports.
Further, only 67 percent do not agree their organization understands
what needs to be done following a material data breach to prevent the
loss of customers’ and business partners’ trust and confidence.”
Apple
is not a bank. But, could we someone steal as much
from them? Looks like it.
Apple
Pay Setup Process Revealed as Retail Employees and Partners Begin
Training
Apple
has begun preparing its retail employees and retail partners for the
upcoming launch of its Apple
Pay mobile payments service with a host of new training materials
that show the feature in action, reports
9to5Mac.
Users
will be able to set up Apple Pay in Passbook or through the Settings
app, as up to eight credit
or debit cards be connected with an iTunes account or by
scanning one in with the iPhone's camera. Every card connected to
the service will allow users to access a number of features,
including the ability to see a simple transaction list, the ability
to turn on push notifications, and an area that allows quick access
to a bank's phone number and an accompanying app. Passbook
will also be able to automatically update an expired card with a new
expiration date without the need to re-enter information.
(Related)
PayPal
Mobile API Flaw Allows Security Feature Bypass
For
security reasons, PayPal accounts are temporarily blocked if someone
enters incorrect passwords several times. In order to have the
account unblocked, the user must answer a series of security
questions.
While
this security feature is enforced in the regular Web application, the
mobile API doesn't check if the account is restricted before allowing
the user to attempt to log in again, Benjamin Kunz Mejri,
Vulnerability Lab founder and the one who identified the issue,
revealed in an advisory published last week.
Biometric
security.
Banks
Are Harvesting Your 'Voiceprint' On The Phone To See If You're Lying
…
Two major U.S. banks, JPMorgan Chase & Co. and Wells Fargo &
Co., use voice screening, also known as voice biometric blacklists,
according to three people familiar with the arrangements, all of whom
spoke on condition of anonymity because the system was meant to
remain secret.
…
"It's in the background. It doesn't affect the call in any
way," said Inscoe. "Nobody even knows it's happening."
Healthcare.
Apparently the potential to make huge amounts of money is attracting
everyone.
The
doctor will see you now — through Google
…
Developer Jason Houle noticed an interesting feature when he googled
“knee pain” on an Android device recently: Google was offering
him to “talk with a doctor now” through a video chat. He posted
a screenshot to Reddit on Friday, and Engadget confirmed
yesterday that Google was indeed testing the feature.
The
extraordinary aspect of the feature is that it suggests Google does
actually harbor major ambitions for its
expert-chatting feature, Helpouts, specifically in the domain of
health care.
…
It’s HIPAA-compliant,
ensuring doctors won’t need to worry about the security of patient
information, as VentureBeat
reported last year.
I
hypothesize a zombie attack in my Disaster Recovery class, perhaps I
could work robots into my Computer Security class? Will there be a
market for drones (balloons?) I can fly to establish that I do use
the air over my property and that drones could interfere with that
use?
Self-Defense
Against Robots
A.
Michael Froomkin and Zak Colangelo on “Self-Defense
Against Robots”
“Deployment
of robots in the air, the home, the office, and the street inevitably
means their interactions with both property and living things will
become more common and more complex. This
paper examines when, under U.S. law, humans may use force against
robots to protect themselves, their property, and their
privacy. In the real world where Asimov’s Laws of Robotics do not
exist, robots can pose—or can appear to pose—a threat to life,
property, and privacy. May
a landowner legally shoot down a trespassing drone? [Make
my day! Bob] Can she hold a trespassing autonomous car
as security against damage done or further torts? Is the fear that a
drone may be operated by a paparazzo or a peeping Tom sufficient
grounds to disable or interfere with it? How hard may you shove if
the office robot rolls over your foot? This paper addresses all
those issues and one more: what rules and standards we could put into
place to make the resolution of those questions fairer to all
concerned. The default common-law legal rules governing each of
these perceived threats are somewhat different, although
reasonableness always plays an important role in defining legal
rights and options. In certain cases—drone
overflights, autonomous cars—national, state, and even local
regulation may trump the common law. Because it is in
most cases obvious that humans can use force to protect themselves
against actual physical attack, the paper concentrates on the more
interesting cases of
(1) robot (and especially drone) trespass,
(2) robot (and especially drone) spying, and
(3) responses to perceived threats by robots—perceptions which may
not always be justified, but which sometimes may nonetheless be
considered reasonable in law.
We
argue that the scope of permissible self-help in defending one’s
privacy should be quite broad. We
also identify seven problems in current law relating to human-robot
interaction, all of which involve some kind of uncertainty
— usually about what a robot can or will do — and suggest ways of
solving or at least ameliorating them, either by making robots less
potentially dangerous (banning the arming of robots) or by requiring
robots to give clearer notice of their capabilities. We conclude by
looking at what the law on human self-defense against robots might
tell us about a robot’s right to not be harmed by a human.”
Could
this be how we get Russia to back off the Ukraine when “sanctions”
don't work? Does Saudi Arabia owe us a favor this big?
Saudi
Arabia's Oil Price 'Manipulation' Could Sink The Russian Economy
The
vice-president of Russia's state-owned oil behemoth Rosneft has
accused Saudi Arabia of manipulating the oil price for political
reasons. Mikhail
Leontyev was quoted in Russian media as saying:
Prices can be manipulative. First of all, Saudi Arabia has begun
making big discounts on oil. This is political manipulation, and
Saudi Arabia is being
manipulated, which could end badly.
The
news comes as Reuters
reports Saudi officials have been privately admitting to oil market
participants that they are comfortable with lower oil prices.
According to the news service, the Organization of the Petroleum
Exporting Countries (OPEC) is willing to accept prices as low as $80
a barrel for as much as the next two years.
Falling
prices are of particular concern to Russia. Russia needs high oil
prices to buoy its economy. The country has seen its economic
performance slow under the weight of sanctions over Ukraine and
weakening domestic demand.
One
desktop per course. It reduces the clutter...
Don’t
Wait for Windows 10: How to Use Virtual Desktops in Windows XP and Up
One
of the big new features Microsoft is touting
in Windows
10 is virtual desktops, something that OS X and Linux users have
long enjoyed. But while virtual desktops might be getting some
tweaks for its public debut in Windows 10, the core technology
required for the feature has been available in Windows for years —
it’s just been hidden.
Starting
way back in Windows XP, Microsoft built a hidden Windows architecture
called “desktop objects,” which let Windows launch separate
Explorer processes to create up to four virtual desktops. The
company now provides a free utility called Desktops
that lets users access this hidden Windows feature with a clean and
simple Taskbar-based user interface.
Gaming
was not a large share of GDP 100 years ago. Now, one game can pull
in $1 Billion.
League
of Legends to Hit $1 Billion in Revenue
…
Despite the fact that the
game is free, revenue is made from the in-game purchases
that users make in order to enhance the game. The company has now
suggested that by the end of the year, they would have reached the $1
Billion mark.
For
my students who insist on chattering in class! Android App.
–
take over the entire production of your own podcast or radio show
with Spreaker Studio. It transforms your device into a
fully-equipped radio studio, allowing you to broadcast live or
pre-record podcasts while adding tracks and sound effects. Start an
active relationship with your listeners by interacting with them
directly.
(Related)
How
To Run Android Apps in Chrome on Mac / Linux / Windows
It’s
now possible to run Android apps in the Chrome browser — it just
takes a little bit of work.
Google
has officially brought four
Android apps to Chromebooks, so it would seem that it’s only a
matter of time before more and more Android
apps become officially available on the Chrome browser. If you
can’t wait, however, let’s run through a few options for running
Android apps in Chrome right now.
99
cent Apple App. Formats as well as lists.
–
is an app plus an iOS 8 Safari extension that makes it easy to do one
key web developer task: view the HTML, JavaScript and CSS source of
any web page, with beautiful and customisable syntax
highlighting. As an app, you can enter a URL and
immediately see the source code behind it. As an extension, it’s
even easier.
No comments:
Post a Comment