Tuesday, June 21, 2016

An interesting article.  My concern, as a Computer Security manager would be that their hackers have found a less detectable method of hacking into my systems.  But that does not stop everyone involved (or not) from claiming success!
Chinese Curb Cyberattacks on U.S. Interests, Report Finds
Nine months after President Obama and President Xi Jinping of China agreed to a broad crackdown on cyberespionage aimed at curbing the theft of intellectual property, the first detailed study of Chinese hacking has found a sharp drop-off in almost daily raids on Silicon Valley firms, military contractors and other commercial targets.
But the study, conducted by the iSight intelligence unit of FireEye, a company that manages large network breaches, also concluded that the drop-off began a year before Mr. Obama and Mr. Xi announced their accord in the White House Rose Garden.  In a conclusion that is largely echoed by American intelligence officials, the study said the change is part of Mr. Xi’s broad effort to bring the Chinese military, which is considered one of the main sponsors of the attacks, further under his control.

Another “must have” surveillance App?  Do the people who buy these know what they are doing? 
The AI Dashcam App That Wants to Rate Every Driver in the World
If you’ve been out on the streets of Silicon Valley or New York City in the past nine months, there’s a good chance that your bad driving habits have already been profiled by Nexar.  This U.S.-Israeli startup is aiming to build what it calls “an air traffic control system” for driving, and has just raised an extra $10.5 million in venture capital financing.
Since Nexar launched its dashcam app last year, smartphones running it have captured, analyzed, and recorded over 5 million miles of driving in San Francisco, New York, and Tel Aviv.  The company’s algorithms have now automatically profiled the driving behavior of over 7 million cars, including more than 45 percent of all registered vehicles in the Bay Area, and over 30 percent of those in Manhattan.
Using the smartphone’s camera, machine vision, and AI algorithms, Nexar recognizes the license plates of the vehicles around it, and tracks their location, velocity, and trajectory.  If a car speeds past or performs an illegal maneuver like running a red light, that information is added to a profile in Nexar’s online database.  When another Nexar user’s phone later detects the same vehicle, it can flash up a warning to give it a wide berth.  (This feature will go live later this year.)
   Nexar estimates that if 1 percent of drivers use the app daily, it would take just one month to profile 99 percent of a city’s vehicles.  “We think that it’s a service to the community to know if you’re a crazy driver or not,” says Shir.
That community includes insurance companies, who Nexar suggests could save billions by cherry-picking only the best drivers to cover.

Security(?) at the cost of your privacy?  Was the Privacy Policy language deliberate?  What would you do with videos of someone’s home?  
From the not-exactly-a-glowing-review dept., SLC Security writes:
 Look familiar?  Well this device started showing up in all the big box retailers last year so we decided to give one a try.  Hooking the device up to a EVDO hotspot on Verizon was interesting at best.  During our testing we discovered that the device streams continuously back to Guardzilla (even if you don’t subscribe to their monitoring) all the time.  So this “security” device has some serious “privacy” issues.
Here’s the problem. Even when you don’t subscribe to the recording and playback features offered by Guardzilla the devices still stream to Guardzilla and we assume that the video is being stored otherwise why would you send it?  What tipped us off was the fact that the device uses nearly 1GB of bandwidth per day even when your not viewing the camera.  So basically your allowing Guardzilla to see into your protected space and to hear everything that goes on in this space because these devices are constantly streaming even when you are not using them. 
Read more on SLC Security.  In an update, they state that Guardzilla confirmed that that’s how the device operates.
I wonder what the FTC would say about all this.
[From the article:
The Guardzilla Privacy Policy:
Practecol takes reasonable efforts to ensure that your personal information is protected while you use the Services. [Not while you don’t?  Bob]
Oh and theres this line:
Also, video, audio, and other information received or recorded by your Guardzilla device may be stored on our servers or the servers of third parties.

Another surveillance technique?  (Beware of perverts/stalkers bearing gifts?)
Caleb Chen writes:
Over the weekend, the security community heard rumors about a potential issue with the NETGEAR Internet of Things wireless security camera.  A user reported to the privacy subreddit that after returning the device and not uninstalling the app or deleting an account, the user was still able to see camera footage from the new owner’s camera – a clear privacy breach.  The user accuses NETGEAR of having poorly planned out processes for change of ownership scenarios.  The reaction from the tech community lacked disbelief and sympathy.  Many others reported similar issues with brands other than NETGEAR.  In fact, there are websites that list all the world’s internet of things (IoT) cameras that are plugged in but not configured to keep the world out.
Read more on Privacy Online News.

“Hey!  We gotta do something!”  Don’t think, act! 
Invoking Orlando, Senate Republicans set up vote to expand FBI spying
U.S. Senate Majority Leader Mitch McConnell set up a vote late on Monday to expand the Federal Bureau of Investigation's authority to use a secretive surveillance order without a warrant to include email metadata and some browsing history information.
   Privacy advocates denounced the effort, saying it seeks to exploit a mass shooting in order to expand the government’s digital spying powers.
   The amendment would broaden the FBI’s authority to use so-called National Security Letters to include electronic communications transaction records such as time stamps of emails and the emails' senders and recipients.
The Obama administration for years has lobbied for a change to how NSLs can be used, after a 2008 legal memo from the Justice Department said the law limits them largely to phone billing records.  FBI Director James Comey has said the change essentially corrects a typo and is a top legislative priority for his agency.
   The amendment filed Monday would also make permanent a provision of the USA Patriot Act that allows the intelligence community to conduct surveillance on “lone wolf” suspects who do not have confirmed ties to a foreign terrorist group.  That provision, which the Justice Department said last year had never been used, is currently set to expire in December 2019.

(Related)  “They’re not letting us do what we want to do!” (say it with a whiney voice)  Or perhaps, “They’re child pornographers, they don’t have any rights!” 
Tim Cushing writes:
Another court handling an FBI Playpen case has handed down its decision on a motion to suppress.  Like other courts fielding prosecutions resulting from this massive investigation, it has found [PDF] that the FBI’s NIT (Network Investigative Technique) is invasive enough to be called a “search.” (via FourthAmendment.com)
The FBI must have felt its NIT deployment would be considered a search.  That’s why it obtained a warrant in the first place.  But it’s been frantically peddling “not a search” theories as court after court has declared its warrant invalid because the searches were performed outside of the issuing magistrate’s jurisdiction.
Read more on TechDirt.

This will be handy when (if) I start teaching the “Care and Feeding of the Social Media Beast”
Paper – Social Clicks: What and Who Gets Read on Twitter?
by Sabrina I. Pacifici on
Maksym Gabielkov, Arthi Ramachandran, Augustin Chaintreau, Arnaud Legout.  Social Clicks: What and Who Gets Read on Twitter?.  ACM SIGMETRICS / IFIP Performance 2016, Jun 2016, Antibes Juan-les-Pins, France. 2016. https://hal.inria.fr/hal-01281190  Submitted on 13 Apr 2016.
“Online news domains increasingly rely on social media to drive traffic to their websites.  Yet we know surprisingly little about how a social media conversation mentioning an online article actually generates clicks.  Sharing behaviors, in contrast, have been fully or partially available and scrutinized over the years.  While this has led to multiple assumptions on the diffusion of information, each assumption was designed or validated while ignoring actual clicks.  We present a large scale, unbiased study of social clicks – that is also the first data of its kind – gathering a month of web visits to online resources that are located in 5 leading news domains and that are mentioned in the third largest social media by web referral (Twitter).  Our dataset amounts to 2.8 million shares, together responsible for 75 billion potential views on this social media, and 9.6 million actual clicks to 59,088 unique resources.  We design a reproducible methodology and carefully correct its biases.  As we prove, properties of clicks impact multiple aspects of information diffusion, all previously unknown.
(i) Secondary resources, that are not promoted through headlines and are responsible for the long tail of content popularity, generate more clicks both in absolute and relative terms.
(ii) Social media attention is actually long-lived, in contrast with temporal evolution estimated from shares or receptions.
(iii) The actual influence of an intermediary or a resource is poorly predicted by their share count, but we show how that prediction can be made more precise.”

At what point does Google cross the line into practicing medicine without a license?  Will these be linked to the nearest medical specialist along with a coupon that says, “Google sent me?”
Google Sharpens Search Results for ‘Skin Rash,’ ‘Tummy Ache’ and Other Symptoms
Google has a health problem. Its search results for medical symptoms aren’t very useful at best, and in many cases are alarmingly off base, frustrating patients and doctors alike.
The Alphabet Inc. -owned search giant says it has developed a cure.  On Monday, it rolled out a new feature called symptom search.
The next time you use the Google search app for iPhone and Android to look up something like “my tummy hurts,” “skin rash,” or “headache on one side,” you’ll see about a half-dozen digital cards you can swipe through right below the search box.  Each of these cards briefly describes a common health problem related to your search term.

Perspective.  Is this now a nation of crooks?
Google is being overloaded with DMCA takedown requests.  The company has seen the number of takedown notices from rightsholders quadruple over the past two years.  In 2016 alone, Google is projected to process over a billion reported pirate links, most of which will be scrubbed from its search index.
   Google now handles around three million “pirate” links every day.

Perspective.  Also, some tips on how to do business in India?
Amazon's Bold Indian Strategy
Amazon CEO Jeff Bezos recently announced an expansion of the company's investment in India to the tune of US$3 billion -- that was in addition to the $2 billion in investments it announced in 2014.
   "It appears that Amazon is seeking to build an infrastructure just for the India market, which is good strategy given the regulatory challenges of being a foreign entity and the different e-commerce environment," said Jim McGregor, principal analyst at Tirias Research.
   One of the world's fastest-growing e-commerce markets, India currently is dominated by firms like Flipkart, Snapdeal and Alibaba.
"India represents a rapidly expanding market with a growing middle class," Stratecast/Frost & Sullivan Program Manager Mike Jude told the E-Commerce Times.
Overall, the online retail market in India is only 2 percent of total retail sales in that country, according to Forrester Research.  However, growth in e-tailing is exploding, with the market expected to rise at a compound annual growth rate of 44 percent, starting last year, to reach $75 billion by 2020.

It’s good to be on the New York Times bestseller list!
E-Book Buyers to Start Receiving Credits on Tuesday as Part of Apple Price Fixing Settlement
Starting on Tuesday, June 21, U.S. customers who purchased e-books from Apple and other retailers like Amazon and Barnes & Noble will begin receiving payouts from the $450 million settlement Apple agreed to pay after being found guilty of conspiring to fix the prices of e-books.
Customers will be receiving a $6.93 credit for each book that was a New York Times bestseller, and a $1.57 credit for other e-books.  Customers eligible for credits include those who purchased e-books between April 1, 2010 and May 21, 2012.

“If’n them thar good ole boys kin do it, I reckon us’ns can do it too!”
Chattanooga mayor: Gigabit speed internet helped revive city
When Chattanooga Mayor Andy Berke describes his city's economic renewal, he points to the city’s fiber network as a significant source of its new vibrancy.
   A pioneer in municipal broadband, Chattanooga developed its fiber network in 2010 with $330 million, paid for with $105 million in federal funds and the rest from bonds.  The high-speed access led to direct and indirect economic gains and has been profitable.
   “Our fiber goes to each and every home,” Berke said.  “We can’t have digital gated communities.  If we do that we and only allow fiber to go to some parts of the city, some parts of the state, we will see technology widen the gulf between people as opposed to bridging it.

This is all the Harvard B School could come up with?
The 8 Digital Productivity Tools Everyone Should Adopt
I’m a super adopter.  I love trying out hundreds of new applications, social networks and devices every year.  But not everybody wants to live the thousand-app lifestyle.  For most people, the goal is to adopt the smallest number of tools necessary to work efficiently.  That’s why my friends and colleagues often ask me which technologies I regard as must-haves: the tools and tactics that will make a big impact on their productivity without spending a lot of time or money getting up and running.

No comments: