Tuesday, December 06, 2016
Another ‘phack” (phony hack)? How would your organization respond if someone claimed to have breached your security?
It was only last week that Experian released a white paper on what it sees as data breach risks for 2017. Perhaps ironically, then, it was only days later when a dark web vendor claimed to have Experian’s database for sale. HackRead reported on “DoubleFlag’s” listing:
The hacker claims he has access to the Experian database which contains information of some 203,419,083 accounts and has set the price for this database at Bitcoin 0.8082 (USD 600.00).
… Waqas was clear to report this only as a claim and he stated that the database had not been confirmed as an Experian database. DataBreaches.net reached out to Experian for either a confirmation or refutation of Doubleflag’s claim. Today, a spokesperson for Experian sent the following statement:
“We’ve seen this unfounded allegation and similar rumors before. We investigated it again – and see no signs that we’ve been compromised based on our research and the type of data involved. Based on our investigations and the lack of credible evidence, we consider this an unsubstantiated claim intended to inflate the value of the data that they are trying to sell – a common practice by hackers selling illegal data.”
(Related) Perhaps they are just really slow to detect their breach?
Millions of User Accounts Allegedly Stolen From Dailymotion
Data breach notification service LeakedSource has obtained a database containing the details of roughly 85 million Dailymotion users, including usernames, email addresses and, in many cases, passwords.
According to LeakedSource, the database stores 87 million records with 85 million unique email addresses. More than 18 million of the entries also include password hashes. LeakedSource said the hackers claimed to have stolen the data on around October 20.
SecurityWeek has analyzed a sample of nearly 10,000 entries and determined, based on LeakedSource and Have I Been Pwned searches, that many of the accounts had not been compromised in previous breaches.
Eventually, the US will follow, simply because it is so easy to use.
e-Wallets: No prescribed security standards under Indian e-wallet laws puts your financial data at risk
Asheeta Regidi reports:
The government is pushing very strongly for a cashless society. After the demonetisation move, several initiatives have been seen to further encourage going cashless. The latest of these is the Ministry of Urban Development’s direction for all Urban Local Bodies to shift to e-payments. While cashless transactions are a convenience and the future, it is being pushed without addressing two critical concerns – security and privacy of digital transactions. In the case of e-wallets and other fintech corporations, laws establishing security requirements and liabilities for loss are missing.
Read more on FirstPost.
I could not agree more. Geeks are terrible at explaining what they do, just as business managers are terrible at explaining what they need.
Why Your Company Needs Data Translators
… What is to be done? From our work with successful sports leaders, we accept that there is a significant gap between the quants and the decision makers, a gap that we call the “interpretation gap.” We believe that those who are needed to fill that gap are what we call “data translators.” While some have argued that data scientists can bridge the gap, we think that, in many cases, the data translator role can best be filled by domain experts. To date, many businesses have been trying to bridge the gap by teaching the quants (often recent graduates) about the business in which they operate.
How do I get access to the raw data?
Partnering to Help Curb Spread of Online Terrorist Content
Facebook, Microsoft, Twitter and YouTube are coming together to help curb the spread of terrorist content online
… Starting today, we commit to the creation of a shared industry database of “hashes” — unique digital “fingerprints” — for violent terrorist imagery or terrorist recruitment videos or images that we have removed from our services. By sharing this information with each other, we may use the shared hashes to help identify potential terrorist content on our respective hosted consumer platforms. We hope this collaboration will lead to greater efficiency as we continue to enforce our policies to help curb the pressing global issue of terrorist content online.
Tech does grocery? Which part of “we will sell everything” didn’t you get?
How Amazon Plans to Totally Reinvent Grocery Shopping
… Today, Amazon made a modest announcement that looks straight out of the Bezos playbook: Amazon Go, “a new kind of store with no checkout required.” The company calls it “Just Walk Out” shopping. But it’s really an attempt to eradicate one of the more frustrating aspects of shopping in stores: the checkout line. It’s pure Bezos: start with 1,800 ft. of grocery retail space in downtown Seattle and see if you can remake retail all over again.
The basic idea behind Go isn’t completely original. Years ago, companies like IBM foresaw a checkout-line-free future, using RFID chips embedded in packages. But Amazon is using the kind of modern deep-learning technology it’s rolling out to its cloud clients, along with computer vision and sensor fusion. For shoppers, the tech will be invisible. They just fire up a Go app, grab what they want, and be on their way.
I have many students from India. Their perspective is a bit different, but interesting to listen to.
Walmart vs. Amazon: Is India the Next Battleground?
Amazon is on overdrive in India. Earlier this year, the world’s largest online retailer became the second-largest online marketplace in the country by shipments and gross merchandise value. (Flipkart remains number one in India.) It also announced an additional $3 billion investment, taking its total investment in India to $5 billion
… According to media reports, Walmart is all set to join the Indian e-tail party soon. While the company is reported to be talking to several Indian e-tailers like Snapdeal and Shopclues, the strongest buzz is around Walmart entering into a strategic alliance with Flipkart or making an investment in the company, possibly to the tune of $1 billion.
After getting caught cheating, VW wants you looking in another direction.
Volkswagen Takes Challenge to Uber, Lyft With New Berlin-Based Company
Volkswagen AG on Monday launched a new company to challenge Uber Technologies Inc. and other tech rivals, seeking to become a global force in the digital auto services that are threatening established car makers.
… One of Moia’s businesses already is operating: the Gett ride-hailing service, in which Volkswagen acquired a strategic stake in May for $300 million. Moia plans next year to launch another service, an app-based shuttle, or ride-pooling service using electric vans to transport commuters.
… The German company still has much catching up to do.
Japan’s Nissan Motor Co. launched the Leaf, an electric compact car, in 2010. Daimler AG, maker of Mercedes-Benz cars, launched its Car2Go car-sharing service in 2008, followed by BMW AG and its DriveNow service. In January, General Motors Co. invested $500 million in Uber rival Lyft Inc. GM’s move on Lyft spurred Volkswagen into action.
… Volkswagen eventually wants to equip Gett with a fleet of robot taxis, anticipating that car ownership could decline with the emergence of new car-sharing services, creating fresh competition from shared vehicles and self-driving taxi and delivery services.
Who is this for? Not the owner of the phone.
With Google's New App, Your Loved Ones Can Find You During Emergencies
… From Apple’s Find My Friends to Facebook’s Safety Check, tech giants are creating ways to help people during emergencies. And Google has taken things one step further with Trusted Contacts.
Trusted Contacts allows users to share their location with any of their designated “trusted contacts,” while trusted contacts can request the user's location as well. A person can accept or decline someone’s request, but if they don’t respond, the app will automatically accept the request and share that individual's location.
… The app is only available for Android right now, but will be available on iPhones soon.
Might make a fun class project.
Design your own custom drone
A new system from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) is the first to allow users to design, simulate, and build their own custom drone. Users can change the size, shape, and structure of their drone based on the specific needs they have for payload, cost, flight time, battery usage, and other factors.
If a car company can lock you in your car, can a hacker? Stay tuned!
Car Thief Foiled By Police, Nap, Power Door Locks
… Just before 5 AM, the BMW’s owner discovered her car was missing and called 911. Officers contacted BMW corporate, which was able to track the vehicle to the 2100 block of NE 63rd Street. When officers pulled up on the block around 5:45 AM, they found the BMW parked in an alley, still running, with a man asleep in the driver’s seat.
BMW employees were able to remotely lock the car’s doors, trapping the suspect inside
Samsung is going to have to live with their failure for a long, long time.