Thursday, December 22, 2016

Do we retaliate against their military or the top officials who authorized the hack?  What do we do?  Rigging their election would seem redundant. 
Cybersecurity firm finds evidence that Russian military unit was behind DNC hack
   The firm CrowdStrike linked malware used in the DNC intrusion to malware used to hack and track an Android phone app used by the Ukrainian army in its battle against pro-Russia separatists in eastern Ukraine from late 2014 through 2016.
While CrowdStrike, which was hired by the DNC to investigate the intrusions and whose findings are described in a new report, had always suspected that one of the two hacker groups that struck the DNC was the GRU, Russia’s military intelligence agency, it had only medium confidence.
Now, said CrowdStrike co-founder Dmitri Alperovitch, “we have high confidence” it was a unit of the GRU.  CrowdStrike had dubbed that unit “Fancy Bear.”

(Related).  Think of it as a “Targeting” App that feeds coordinates directly to Russian artillery.
Russia Used Android Malware to Track Ukrainian Troops: Report
The Russia-linked cyberespionage group known as Fancy Bear has tracked Ukrainian artillery forces by planting a piece of Android malware in a legitimate military application, threat intelligence firm CrowdStrike reported on Thursday.
   This summer, the company’s analysts came across an Android application package (APK) file named “Попр-Д30.apk.”  The file contained Russian-language artifacts and its name referenced the D-30, a Russian-made 122 mm towed howitzer that first entered service in the 1960s.
The D-30 is still used by the Ukrainian military and, in 2013, artillery officer Yaroslav Sherstuk created an Android app designed to help personnel reduce the time to fire the gun from minutes to under 15 seconds.  According to its developer, the application has roughly 9,000 users.
   “CrowdStrike Intelligence assesses a tool such as this has the potential ability to map out a unit’s composition and hierarchy, determine their plans, and even triangulate their approximate location.  This type of strategic analysis can enable the identification of zones in which troops are operating and help prioritize assets within those zones for future targeting,” CrowdStrike wrote in its report.


Ransomware is cheap, but then we (hackers) can automate it.
How Much Do Businesses Pay for Stolen Data?
   Last week, IBM released the results of a survey that looked at people’s attitudes toward ransomware.  Among 600 U.S. business executives, nearly half said they’d experienced attacks.  And fully 70 percent of those who’d been attacked said they paid to get their data back.
   45 percent of companies that paid ransoms coughed up more than $20,000 to get their files back, and 20 percent paid hackers more than $40,000.


This could be useful.
PersonalData.IO helps you get access to your personal data
by Sabrina I. Pacifici on Dec 21, 2016
“PersonalData.IO is a free and open platform for citizens to track their personal data and understand how it is used by companies.  It is part of the MyData movement, promoting a human-centric approach to personal data management.  A lot of readers of this blog will be familiar with Freedom of Information laws, a legal mechanism that forces governments to be more open.  Individuals, journalists, startups and other actors can use this “right-to-know” to understand what the government is doing and try to make it function better.  There are even platforms that help facilitate the exercise of this right, like MuckRock, WhatDoTheyKnow or FragDenStaat.  These platforms also have an education function around information rights.  In Europe we enjoy a similar right with respect to personal data held by private companies, but it is often very hard to exercise it.  We want to change that, with PersonalData.IO.”

(Related).  How law enforcement gets your data?
US State Police Have Spent Millions on Israeli Phone Cracking Tech
This is part of a Motherboard mini-series on the proliferation of phone cracking technology, the people behind it, and who is buying it.
When cops have a phone to break into, they just might pull a small, laptop-sized device out of a rugged briefcase.  After plugging the phone in with a cable, and a few taps of a touch-screen, the cops have now bypassed the phone’s passcode.  Almost like magic, they now have access to call logs, text messages, and in some cases even deleted data.
   Cellebrite, an Israel-based firm, sells tools that can pull data from most mobile phones on the market, such as contact lists, emails, and wiped messages.  Cellebrite's products can also circumvent the passcode locks or other security protections on many current mobile phones.  The gear is typically used to gather evidence from a criminal suspect's device after it has been seized, and although not many public examples of abuse are available, Cellebrite’s tools have been used by non-US authorities to prosecute dissidents.
Previous reports have focused on federal agencies' acquisition of Cellebrite tools.  But as smartphones have proliferated and increasingly become the digital center of our lives, the demand and supply of mobile forensics tools has trickled down to more local bodies.
   According to a spreadsheet detailing what models of phones Cellebrite can handle, the UFED can extract data from thousands of different mobile devices.  It can’t, however, extract the passcode on the iPhone 4s or above.


How should we take this?  Is crime up 27% or are we discovering new ways to use Facebook data to predict, defend against, or identify the perpetrators of crime?     
Governments are demanding more and more user data from Facebook
   On Wednesday, the social network said that government requests for user account data rose 27% in the first half of 2016 compared to the second half of last year.


A way to ‘lock up’ academic research?
Facebook’s secretive hardware team signs rapid collaboration deal with 17 universities
Facebook’s shadowy Building 8 research team needs help from academia to invent futuristic hardware.  But today’s pace of innovation doesn’t allow for the standard 9-12 month turnaround time it takes universities to strike one-off research partnerships with private companies.
Enter SARA, aka Facebook’s “Sponsored Academic Research Agreement.”  It’s a deal forged by Building 8 head Regina Dugan with 17 top universities to get collaboration on new projects started in just weeks or even days.  SARA eliminates the need for time-consuming further negotiation and faculty approvals.


Amusing.
A Brief Economic History of Time
   Time’s unknowable perils contributed to the flourishing of economic thought.  But then something interesting happened.  The creature became the creator: The economy re-invented time.  Or, to put things less obliquely, the age of exploration and the industrial revolution completely changed the way people measure time, understand time, and feel and talk about time.
Just think: What do you look forward to when you’re at work?  Maybe it’s a happy hour, the weekend, or, in the more distant future, retirement.  Each of these are distinct periods of time, and each is an invention of the last 150 years of economic change.
   Three forces contributed to the modern invention of time.  First, the conquest of foreign territories across the ocean required precise navigation with accurate timepieces.  Second, the invention of the railroad required the standardization of time across countries, replacing the local system of keeping time using shadows and sundials.  Third, the industrial economy necessitated new labor laws, which changed the way people think about work.


Perspective.
Report – Artificial Intelligence, Automation, and the Economy
by Sabrina I. Pacifici on Dec 21, 2016
“Accelerating artificial intelligence (AI) capabilities will enable automation of some tasks that have long required human labor.  These transformations will open up new opportunities for individuals, the economy, and society, but they have the potential to disrupt the current livelihoods of millions of Americans.  Whether AI leads to unemployment and increases in inequality over the long-run depends not only on the technology itself but also on the institutions and policies that are in place.  This report examines the expected impact of AI-driven automation on the economy, and describes broad strategies that could increase the benefits of AI and mitigate its costs…”


Perspective.  I don’t get it, but apparently we should be teaching game creation.
Super Mario Run breaks records with 40 million downloads in its first 4 days
   Previous third-party estimates suggested the new game was on track to topple Pokémon Go’s previous early performance and approach the 40 million mark, but this official number confirms it.
In a press release issued by Nintendo, the company says that in addition to its top ranking in the “free” chart of the App Store in 140 different global markets (of the 150 where it’s available), it’s also now in the top 10 ranking for best grossing games in 100 different markets.


For my geeks.
   PIXEL represents our best guess as to what the majority of users are looking for in a desktop environment: a clean, modern user interface; a curated suite of productivity software and programming tools, both free and proprietary; and the Chromium web browser with useful plugins, including Adobe Flash, preinstalled.  And all of this is built on top of Debian, providing instant access to thousands of free applications.
   So, after three months of hard work from Simon and Serge, we have a Christmas treat for you: an experimental version of Debian+PIXEL for x86 platforms.  Simply download the image, burn it onto a DVD or flash it onto a USB stick, and boot straight into the familiar PIXEL desktop environment on your PC or Mac.  Or go out and buy this month’s issue of The MagPi magazine, in stores tomorrow, which has this rather stylish bootable DVD on the cover.
A school can now run PIXEL on its existing installed base of PCs, just as a student can run PIXEL on her Raspberry Pi at home.  She can move back and forth between her computing class or after-school club and home, using exactly the same productivity software and programming tools, in exactly the same desktop environment.  There is no learning curve, and no need to tweak her schoolwork to run on two subtly different operating systems.


Helping my students avoid “the dog ate my homework” syndrome.
   Ultimately, you can never be too careful.  The more backups of your data you make, the better.  In this article, I’ll highlight the best free backup software for Windows.


I have no artistic ability.  Is this as good as they say?
   For the uninitiated, Prisma allows you to turn your photos into works of art.  You choose a photo, then choose from a range of different styles designed to emulate famous artists.  And seconds later your photo looks like it has been painted rather than shot.
You can grab the latest version of Prisma on Android and on iOS now.

