Darren Pauli reports:
A global research team has hacked 10 different types of implantable medical devices and pacemakers finding
exploits that could allow wireless remote attackers to kill victims.
Eduard Marin and Dave Singelée,
researchers with KU Leuven University, Belgium, began examining the pacemakers
under black box testing conditions in which they had no prior knowledge or
special access to the devices, and used commercial off-the-shelf equipment to
break the proprietary communications protocols.
From the position of blind attackers the pair managed to
hack pacemakers from up to five metres away gaining the ability to deliver
fatal shocks and turn off life-saving treatment.
Read more on The Register.
For my Ethical Hacking students. It’s much easier to hack a system when you
know exactly how it works.
Why a hacker is giving away a special code that turns cars
into self-driving machines
Here is a strategy for start-ups dealing with regulators
who might shut down your product: Make it free.
Scrappy self-driving car start-up Comma.ai released a free
software kit on Wednesday to help developers learn to build a device that can turn any car into an autonomous vehicle.
… A wave of
companies in areas such as housing, DNA testing and aerospace is weighing
whether to work with officials or to follow the playbook of companies such as
Uber and Airbnb — asking forgiveness, but not permission, and seeing where the
chips fall.
In Comma’s case, the strategy was an end run around the
rulemakers.
… Shortly after
the announcement at the TechCrunch Disrupt conference, Hotz was slapped with a warning
letter from the National Highway Traffic Safety Administration.
… The code, which
is available on the open-source collaboration platform GitHub, allows anyone
(but really, hardcore hackers) to build a dashcam-like device that they can set
up in their car. The device plugs into a
port in the car called a controller area network, or BUS (in most cars built
after 2006). Users must build the device
with a 3-D printer and have an Android OnePlus 3 phone to run the code and
provide the camera that can scan the road.
Interesting, but somewhat suspect. I’d like to see more raw numbers. How many ‘hackers’ did they survey?
Report: Most cybercriminals earn $1,000 to $3,000 a month
Most cybercriminals make between $1,000 and $3,000 a
month, but 20 percent earn $20,000 a month or more, according
to a recent report.
For my Android-using students.
… If you own an
Android device running on anything older than Android 6.0 (Marshmallow) you should do two things: 1. Use this Check Point tool
to see whether your Google account has been compromised, and 2. View the list of fake apps infected by Gooligan so you know what to
avoid.
An escape from double-secret probation?
SAN FRANCISCO – CREDO Mobile representatives confirmed
today that their company was at the center of the long-running legal battle
over the constitutionality of national security letters (NSLs), and published
the letters the government sent three years ago.
The Electronic Frontier Foundation (EFF) has represented
CREDO in this matter since 2013—and the case, bundled with two other NSL
challenges, has reached the United States Court of Appeals for the Ninth
Circuit. Until now, CREDO was under a
gag order, preventing CREDO officials from identifying the company or
discussing their role in the case. In March, a district court found that the FBI had
failed to demonstrate the need for this gag, and struck it down pending an
appeal by the government. But earlier
this month, the government decided to drop its appeal of that order,
leaving CREDO free to talk about why the legal challenge is important to the
company and its customers.
… While the
government has stopped pursuing the NSL gag orders on CREDO in this case, EFF’s
two other NSL challenges are still being litigated in the appeals court. EFF’s clients—who still must remain
secret—argue that they are being unconstitutionally barred from discussion and
debate about government use of NSLs and surveillance reform.
For the NSLs to CREDO:
https://www.eff.org/document/redacted-national-security-letter-1
https://www.eff.org/document/redacted-national-security-letter-2
For more on this case:
https://www.eff.org/cases/re-national-security-letter-2013-13-80089
How would Coinbase know which of their customers were “U.S.
taxpayers?”
The government’s press release on an issue mentioned
previously: a broad warrant for records on everyone who used Coinbase. The government appears to be going on a
fishing expedition with court authorization.
Oh well, the Fourth Amendment had a good run, I guess.
A federal court in the Northern District of California
entered an order today authorizing the Internal Revenue Service (IRS) to serve
a John Doe summons on Coinbase Inc., seeking information about U.S. taxpayers
who conducted transactions in a convertible virtual currency during the years
2013 to 2015. The IRS is seeking the
records of Americans who engaged in business with or through Coinbase, a
virtual currency exchanger headquartered in San Francisco, California.
… The court’s
order grants the IRS permission to serve what is known as a “John Doe” summons
on Coinbase. There is no allegation in
this suit that Coinbase has engaged in any wrongdoing in connection with its
virtual currency exchange business. Rather, the IRS uses John Doe summonses to
obtain information about possible violations of internal revenue laws by
individuals whose identities are unknown. This John Doe summons directs Coinbase to
produce records identifying U.S. taxpayers who have used its services, along
with other documents relating to their virtual currency transactions.
Something I definitely want to teach.
Tomorrow’s Business Leaders Learn How to Work with A.I.
Artificial intelligence is now on the syllabus at top-tier
business schools.
Harvard Business School, Massachusetts Institute of Technology’s
Sloan School of Management, France’s Insead and a handful of other programs
recently have added M.B.A. courses on managing the applications and algorithms
that help businesses make more informed decisions.
The timing is interesting.
Apparently, they saw little value in this until Hillary lost?
SearchEngineLand reports on how Google is tackling fake news
by Sabrina I. Pacifici on Nov 30, 2016
Ian Bowden reports: “Following the US election and Brexit,
increased focus is being placed on how social networks and search engines can
avoid showing “fake news” to users. However, this is a battle that search engines
cannot — and more fundamentally, should not — fight alone. With search engines providing a key way people
consume information, it is obviously problematic if they can both decide what
the truth is and label content as the truth. This power might not be abused now, but there
is no guarantee of the safe governance of such organizations in the future. Here are five key ways Google can deal (or
already is dealing) with fake news right now. They are:
- Manually reviewing websites
- Algorithmically demoting fake news
- Removing incentives to create fake news
- Signaling when content has been fact-checked
- Funding fact-checking organizations…”
(Related) Again, no thoughts about this until Trump. Perhaps he is good for something?
Sam Thielman reports:
Public and private libraries are
reacting swiftly to the election of Donald Trump, promising to destroy user
information before it can be used against readers and backing up data abroad.
The New York Public Library
(NYPL) changed its privacy policy on Wednesday to emphasize its data-collection
policies.
Read more on The Guardian.
Perspective. If you store ‘Big Data,’ it could take you quite a while to migrate it to the cloud. No doubt this will soon be self-driving and
will move from the US to Mexico to Canada to avoid subpoenas for your
data. Also raises the possibility of data lost due to traffic accidents.
AWS Snowmobile – Move Exabytes of Data to the Cloud in Weeks
… In order to meet
the needs of these customers, we are launching Snowmobile
today. This secure data truck stores up to 100 PB of data and can help you
to move exabytes to AWS in a matter of weeks (you can get more than one if
necessary). Designed to meet the needs
of our customers in the financial services, media & entertainment,
scientific, and other industries, Snowmobile attaches to
your network and appears as a local, NFS-mounted volume. You can use your existing backup and archiving
tools to fill it up with data destined for Amazon
Simple Storage Service (S3) or Amazon
Glacier.
My students should be interested.
This investment bank presentation breaks down the complicated
digital ad industry in 2016
LUMA Partners has just released its annual State of
Digital Marketing presentation.
This year it covers LUMA's views on the market, five
industry trends — including the rise of artificial intelligence — and the
future of the ecosystem with a specific focus on digital marketing.
Jobs for my students.
Winning the Digital War for Talent
Many traditional
talent management processes weren’t designed for today’s increasingly digital
world. That’s why a new approach is
needed.
… In our
interviews with digital executives and analysts, we saw two distinct approaches to thinking about talent in an
increasingly digital business environment. Some companies expressed great interest in
tapping into fluid talent markets made up of skilled contractors and
consultants.
… In contrast,
other companies are focused on how to develop and manage existing employees for
the long term. Many of these companies
invest heavily in new approaches to onboarding and continuous training and
development. They provide employees with
opportunities to grow digitally, not only through technical training but also
by offering carefully curated work experiences, different experiences over
time, and career development support.
Probably works the other way too – places my students can
advertise their skills?
By 2020, more than 40 percent of the U.S. workforce will be freelancers and contractors. This is the direction we’re moving in,
particularly for design and development jobs which tend to be project-based.
Too geeky for Santa.