Wednesday, June 08, 2016
An interesting tool for erasing data that has escaped your physical control, but be careful to put rules are in place that control when you are allowed to use it. Also backup your data. If I can hack into this command, I can erase all your data whenever I want to.
Google Goes Thermonuclear On Thieves With Methodical Remote Wipe Option For Stolen Androids
… Google has presented what could clearly be called a “Nuclear Option” by allowing the Android operating system to securely erase every single partition on the device when invoked by a device’s rightful owner. Recovery partition, boot partition, bootloader — all would be wiped off the face of the earth with zeroes.
Which partitions are erased would be left up to each individual manufacturer, but according to Android Police, even external partitions (i.e. a microSD card) can be included with the “bricking” command.
Nothing startling, but a good summary.
The New Economics of Cybercrime
… According to the cybersecurity firm Intel Security, the price of a stolen payment-card record has dropped from $25 in 2011 to $6 in 2016. “We’re living through an historic glut of stolen data,” explains Brian Krebs, who writes the blog Krebs on Security. “More supply drives the price way down, and there’s so much data for sale, we’re sort of having a shortage of buyers at this point.”
Planning for cyberwar? Is there an inertial navigation App for smartphones?
US military tests massive GPS jamming weapon over California
The US Federal Aviation Authority (FAA) is warning aircraft to stay a few hundred miles away from the Naval Air Weapons Station at China Lake, California, because the military is testing a new gizmo that disrupts GPS – and may also mess with flight control systems.
The FAA has issued a Notice to Airmen (NOTAM) warning [PDF] that on June 7, GPS readouts will be unreliable or nonexistent…
… In addition, the FAA is warning pilots flying the Embraer Phenom 300, one of the world's most popular executive jet aircraft, that the testing could interfere with flight stability controls and has said extra care should be taken in the area.
I need to read this a few more times. As I now understand it, if the government knows I know the password, I have no Fifth Amendment protection. But what if the government only thinks I know the password? Also, I wonder if my “re-encrypt your encrypted data and add one file that says everything else is gibberish” technique would work?
The Fifth Amendment limits on forced decryption and applying the ‘foregone conclusion’ doctrine
The U.S. Court of Appeals for the 3rd Circuit has a case pending on the Fifth Amendment limits of forcing a suspect to enter his password to decrypt a computer. The case provides an opportunity for the 3rd Circuit to correct an error in the 11th Circuit’s treatment of the same question, specifically on how to apply the “foregone conclusion” doctrine to an order requiring decryption of a storage device.
Given the importance of the issue, I want to explain the issue, show where the 11th Circuit got it wrong, and explain what I think the right analysis should be.
Perhaps lawyers are beginning to understand the technology?
Why legal departments begrudge the cloud
… “One can’t simply go to clients or the state bar association and say the third party caused a breach, so it’s really not our responsibility.”
This year’s high-profile breaches at Panamanian law firm Mossack Fonseca and New York-based Cravath Swaine & Moore have raised alert levels even higher. Law firms and legal departments have been warned by the Federal Bureau of Investigation that cyber thieves consider them low-hanging fruit from a risk perspective because of their potential treasure troves of trade secrets and undisclosed deal information that could be exploited.
… in fact, many law firms and legal departments don’t even know how many cloud apps are being used. New cloud apps, such as file-sharing tools show up almost monthly even daily, creating a whack-a-mole mentality where IT security staff must shut down unauthorized apps when they pop up.
The average organization uses 1,154 cloud services to upload 5.6 terabytes of data each month, according to cloud-access security broker Skyhigh Networks.
(Related) I’m not (yet) convinced this is a solution, but it will be something for my Architecture class to kick around.
Egnyte Tackles Data Loss With New Data Governance Solution
Cloud computing remains a problem for many businesses. While the move to IaaS is gathering pace, it is still true that most organizations operate a hybrid approach, combining cloud apps and on-premise data. According to Egnyte, 85% of apps are now in the cloud, while 85% of data is still on premises. This creates a huge governance issue as corporate data moves into and out of cloud applications.
At last someone else has noticed that the porn industry is an early adaptor.
How Porn Leads People to Upgrade Their Tech
… The pornography industry isn’t creating new communication technologies, Coopersmith said, nor is it particularly prescient about what technology is likely to take off. It’s simply taken advantage of new developments before others, and has enough of a draw that people are willing to follow it.
Its position on the leading edge of technology comes partly out of necessity. “There’s a nimbleness to being in the marginalia,” Barss says. Once technologies and platforms reach mainstream status, they may become less friendly to adult content, and the social stigma attached to porn has repeatedly drawn consumers to new, largely untested technologies that provide better privacy.
Amusing enough to share…
Will Trump Screw Up Everything We Know About Elections?
Another easy screenshot tool.
How to Use YouTube to Record a Video of Your Screen
… the saved video will be available on your YouTube account where you can change its privacy settings if you want to share it publicly and can add annotations, subtitles, and more.
A few things to keep in mind when using YouTube to record a screencast:
· The quality of the video is not great — the full-screen experience is a little hazy.
· If you use YouTube, you won’t have access to some advanced features you’ll get with other screencasting apps like Quicktime or Screencast-o-matic.
If I incorporate this into my website design class, it won’t be cheating to use it.
Wix Unveils New Innovation: Websites That Design Themselves Using AI
… Wix has developed the world’s first website-building platform that uses artificial intelligence — what Wix refers to as “Artificial Design Intelligence” (ADI) — to create a site automatically for you, right in front of your eyes.