Sunday, February 28, 2016

One result of all this Apple v. FBI fuss is articles like this one. Wild speculation or accurate forecast?
If Apple loses, your home could be the next thing that's unlocked
… Look around your home, office or car. How many microphones, cameras or sensors are pointed at you right now? Even if these devices are not connected to a service or server, they're probably still there watching and listening. Hopefully the manufacturers did their jobs and all those eyes and ears are encrypted. But, if Apple is forced to help the FBI get into that iPhone, even that encryption won't matter.

(Related) Buried in all the fluff are more important signals like this one. I doubt there was a bidding war between Apple and the FBI. Can you imagine the DoJ offering something like the ROTC to attract future code breakers?
Apple Hires Lead Dev of Snowden’s Favorite Messaging App
… Jacobs spent two and a half years as a security engineer at Open Whisper Systems, the creator of Signal. He left that role in January of this year, but in his time there he worked on the end-to-end encryption for the Signal iOS app that has made it the darling of the security community. Edward Snowden has said he uses Signal “every day,” and it’s one of the few secure messaging apps that gets high marks across the board from the Electronic Frontier Foundation, a digital rights advocacy group.
The hire comes at an auspicious time for Apple, which is currently embroiled in an ongoing legal battle with the FBI over whether law enforcement can compel the company to create software that makes its products inherently less safe. The risk of losing that fight has reportedly prompted Apple to work on enhancing its security measures even further. The ultimate goal may be a device so secure that Apple had no way to assist the FBI in future cases, even if it wanted to.
Hiring a Signal developer is a good place to start. As security researcher Jonathan Zdziarski recently pointed out, messages sent over its end-to-end encryption are largely safe even from forensics tools.

(Related) and some unexpected stories.
Verizon takes Apple’s side in FBI showdown
Verizon Wireless, the largest mobile carrier in the United States, has strongly — and rather unexpectedly — stood up in support of Apple in its legal showdown with the FBI.
… For Verizon of all companies to take such a stance is significant; like its fellow carriers, Verizon cooperated with the NSA in its mass surveillance and bulk data-collection programs revealed by Edward Snowden in 2013. The company has also dealt with privacy controversies of its own, coming under fire last year for aggressively tracking its customers with "permacookies," before it gave them the choice of opting out.

Curious. You can't assume their identity, but it's like looking over their shoulder. Some of the glory hounds might actually like it. I think most people would find it creepy.
Instagram shuts down access for app that lets you ‘be’ other users
The company hasn’t yet confirmed whether the loss of access to Instagram’s API was intentional.
Being aimed to let people see Instagram through the eyes of other users, like celebrities and friends. The app pulled together the different users people followed to recreate their feeds on the app. So, for example, a Being user could "become" Kim Kardashian and see all the makeup artists and friends she follows.

Failure to secure yet another “Thing” on the Internet of Things. My Computer Security class should consider all the failures here. (My students could re-write the App. Was the App the problem or is the car unable to defend itself?)
Nissan pulls the Leaf's phone app after security vulnerabilities come to light
Just a day after news spread that Nissan Leaf's NissanConnect app could be compromised by hackers to control fan settings (potentially draining the battery) and download logs of past drives, Nissan has pulled the functionality, saying that it is "looking forward to launching updated versions of [its] apps very soon."
… The NissanConnect hack, which allows an individual to download and manipulate settings if they have a Leaf's VIN number, [Used like a password? Bob] is not the most serious hack — there doesn't appear to be any situation where it would put a moving vehicle in harm's way — but it could effectively disable a car by draining the battery. In the worst case, hackers could also use drive logs to get a sense of when the car's owner is at home, at work, or elsewhere. [FBI backdoor? Bob]
The pulling of the app until Nissan can get it patched is good — although the researcher who discovered the hack, Troy Hunt, says that he first corresponded with the company about it on January 23rd. That gave Nissan a full month without public disclosure to act, but it was only when Hunt went public with the hack that the system was taken offline.

It is unclear if the court is saying he has been rehabilitated or could be in the future if this information is no longer available. In the US, sex crimes are forever so we would never remove these reports.
Kyodo News reports a ruling of the Saitama District Court ordering Google to de-index certain results is the first in that country to explicitly recognize a “right to be forgotten” in Japan.
A Japanese court has recognized the “right to be forgotten” in a case filed by a man demanding Google Inc remove three-year-old news reports of his arrest for involvement in child prostitution and pornography, according to newly discovered court documents.
Last June, the Saitama District Court ordered Google to remove Internet search results that include media reports about the arrest of that man, saying his right to rehabilitation was being infringed. Google objected to that court order.
The provisional ruling was issued by the same court after reexamining the case.
Read more on Japan Today. Google has appealed the ruling to the Tokyo High Court.
[From the article:
Past decisions in Japan demanding removal of search results cited the right to privacy.
… Presiding Judge Hisaki Kobayashi at the Saitama District Court ruled that, depending on the nature of a crime, the right to be forgotten should be recognized with the passage of time.

Another downside of the failure (as I see it) of municipalities to own their own infrastructure. If the poles belonged to Louisville, they could do what they want. (Do they still want poles? Technology from the 1880's?)
This city’s fight with AT&T could shape the future for Google Fiber
The city of Louisville, Ky., has been bending over backward to woo high-speed services like Google Fiber to town. But now those efforts might have hit a snag as AT&T slaps the local government with a big lawsuit.
The telecom carrier is suing over a new city law, which was passed this month, that makes it easier for Internet providers to string their lines on utility poles. The law lets companies such as Google Fiber move other providers' equipment on the pole, in order to make room for their own.
But AT&T says the city government never had the power to write such a law.
"The ordinance conflicts with and is preempted by the pole attachment regulations of the Federal Communications Commission," AT&T said in the suit, which was obtained by, Louisville's local Fox affiliate. "In addition, Louisville Metro had no authority to adopt the ordinance, because Kentucky law gives the Kentucky Public Service Commission exclusive jurisdiction to regulate pole attachments."
AT&T added that its utility-pole rights were granted by the Kentucky state legislature in the 1880s, implying that it would take a state-level decision to implement Louisville's policy legally.

A couple of tools from a fellow teacher. is a complete flowcharting tool. Includes vendor icons for Cisco, etc. User manual online too. is a free to use web application.

(Related) May be more for Python users than Math novices.
SymPy is a Python library for symbolic mathematics. It aims to become a full-featured computer algebra system (CAS) while keeping the code as simple as possible in order to be comprehensible and easily extensible. SymPy is written entirely in Python and does not require any external libraries.

Are you smarter than a computer?
Google Unveils Neural Network with “Superhuman” Ability to Determine the Location of Almost Any Image
Here’s a tricky task. Pick a photograph from the Web at random. Now try to work out where it was taken using only the image itself. If the image shows a famous building or landmark, such as the Eiffel Tower or Niagara Falls, the task is straightforward. But the job becomes significantly harder when the image lacks specific location cues or is taken indoors or shows a pet or food or some other detail.
Nevertheless, humans are surprisingly good at this task. To help, they bring to bear all kinds of knowledge about the world such as the type and language of signs on display, the types of vegetation, architectural styles, the direction of traffic, and so on. Humans spend a lifetime picking up these kinds of geolocation cues.
So it’s easy to think that machines would struggle with this task. And indeed, they have.
Today, that changes thanks to the work of Tobias Weyand, a computer vision specialist at Google, and a couple of pals. These guys have trained a deep-learning machine to work out the location of almost any photo using only the pixels it contains.
Their new machine significantly outperforms humans and can even use a clever trick to determine the location of indoor images and pictures of specific things such as pets, food, and so on that have no location cues.
… For the test, they used an online game that presents a player with a random view taken from Google Street View and asks him or her to pinpoint its location on a map of the world.
Anyone can play at Give it a try—it’s a lot of fun and more tricky than it sounds.

Dilbert shows the hacker's version of 'speed dating?'

No comments: