My Computer Security class is amused.
In Employee Email, Apple CEO Tim Cook Calls For Commission On Interaction Of Technology And Intelligence Gathering
Early this morning, Apple CEO Tim Cook sent an
email out to employees about the FBI’s
request to unlock an iPhone with the subject line ‘Thank you
for your support’. The email outlines some responses to Cook’s
open letter last week and paints the issue of Apple’s refusal
to cooperate as one of civil liberties.
… Cook says that some advocates of the government’s order, which we
have covered in detail here, want it to “roll back” data protections to
the point at which they were as of iOS 7. In iPhones running older
versions of iOS, Apple was able to extract information from devices
even though they were locked with a personal pin code. Apple has never
unlocked devices for the government, a common
misconception among some media covering this ongoing story.
The most recent development in the case came
over the weekend, when the FBI admitted that it had hastily reset
the Apple ID password of terrorist Syed Farook’s iPhone 5c,
removing the possibility that it could connect to Apple’s servers
and perform a fresh iCloud backup.
… Additional questions have been raised about
how the FBI plans to get more information than a backup would
provide, even if the pass code is cracked. Some common
theories are that Farook was using secure messaging apps that he
left un-secured on the device, but the FBI has not given specific
reasoning.
… “In the same vein, you’ll also notice
that in demanding a tool, FBI has sneakily ensured that a more “open”
copy of the software will have to be released (that will work on
other devices) in order for it to be tested, validated, and re-tested
by a defense team,” notes iPhone security researcher Jonathan Zdziarski. “This
guarantees that the hacking tool FBI is forcing Apple to write will
be out in the public, where it will be in the hands of multiple
agencies and private attorneys.”
Background for my Computer Security students.
California AG Releases 2016 Data Breach Report, Retail and Financial Sectors Most Vulnerable
by Sabrina I. Pacifici on Feb 21, 2016
EPIC – “A new report
from California Attorney General Kamala
Harris examines data
breaches in California from 2012 to 2015. There were 657 data
breaches during the last four years, which compromised over 49
million records. The retail sector experienced the largest share of
breaches at 25%, followed by the financial sector at 18%. Among
several recommendations, the
report recommends that organizations adopt strong encryption.
“Government and the private sector have a shared responsibility to
safeguard consumers from threats to their privacy, finances, and
personal security,” Attorney General Harris stated.
The Attorney General received a 2015
EPIC Champion of Freedom Award. EPIC recently launched “Data
Protection 2016,” a non-partisan campaign to make data
protection an issue in the 2016 election.”
(Related) An infographic
What Exactly is a DDoS Attack and How Does it Happen?
(Related) Makes it look like a good business to be in!
Ransomware takes millions, baffles law enforcement
… Law enforcement is scrambling to keep up as
some victims, desperate to regain access, simply pay the price
without consulting police. The FBI has even told victims to pay up —
a controversial move for security experts.
“The ransomware is that good,” said Joseph
Bonavolonta, assistant special agent in charge of the Cyber and
Counterintelligence Program in the FBI’s Boston office, during a
cybersecurity conference last fall. “To be honest, we often advise
people just to pay the ransom.”
… Stu Sjouwerman, CEO for cybersecurity
training firm KnowBe4, said a major operation could get off the
ground for somewhere between $20,000 and $40,000. That includes
“millions of email addresses” to target and a “bullet proof
server.”
Within weeks, that shop could rake in millions,
netting potentially a 1,000 percent return on investment, he said.
You can't rely on passwords!
Park Han-na reports:
Korean bank customers will soon be able to make online transactions without using security cards or one-time passwords (OTP) as the government is seeking ways to make online payments easier so as to drive innovation in the sector, financial authorities said Sunday.
[…]
The move is expected to encourage financial institutions to develop security tools that are more convenient and safer than the OTP and security cards that are currently used in the transfer of money through online and mobile applications.
Read more on Korea Herald.
I thought we were not going to help terrorists
find targets? Have we abandoned that strategy?
EPA Releases Online Mapping Tool to Help Protect Drinking Water Sources
by Sabrina I. Pacifici on Feb 21, 2016
Via EPA – “The U.S. Environmental Protection
Agency today released DWMAPS
– the Drinking Water Mapping Application to Protect Source Waters.
This robust, online mapping tool provides the public, water system
operators, state programs, and federal agencies with critical
information to help them safeguard the sources of America’s
drinking water. DWMAPS allows users to learn about their watershed
and understand more about their water supplier. DWMAPS also lets
users see if sources of their drinking water are polluted and if
there are possible sources of pollution that could affect their
communities’ water supply. DWMAPS can even guide users to ways
they can get involved in protecting drinking water sources in their
community.”
Perspective. An interesting article. Has he
identified “the next big thing?”
What’s Next in Computing?
A very simple to-do list in the cloud.
Collaboratively Create Reminders & Task Lists on Pinside
Pinside
is a free online sticky note service. Pinside can be used to create
boards of notes for yourself or boards to share with others. You can
create a mix of private and shared notes within one account. Sticky
notes on shared Pinside boards are designed for creating to-do lists.
As each item on the notes is completed you and/or your
collaborators can delete completed items.