Friday, March 31, 2017
A rather important bug fix.
Apple's iOS 10.3 fixes flaw used in accidental DDoS attack on 911 call system
Apple's latest iOS 10.3 release patches a flaw that can be used to repeatedly dial a phone number, accidentally exploited last year to redial 911 call centers, protecting emergency operators from potential cyberattacks.
For my programming students.
Kevin Poulsen reports on the arrest of Taylor Huddleston, whose “crime” is that others have used a tool he developed:
Huddleston, though, isn’t a hacker. He’s the author of a remote administration tool, or RAT, called NanoCore that happens to be popular with hackers. NanoCore has been linked to intrusions in at least 10 countries, including an attack on Middle Eastern energy firms in 2015, and a massive phishing campaign last August in which the perpetrators posed as major oil and gas company. As Huddleston sees it, he’s a victim himself—hackers have been pirating his program for years and using it to commit crimes. But to the Justice Department, Huddleston is an accomplice to a spree of felonies.
Read more on The Daily Beast.
From the article:
Depending on whose view prevails, Huddleston could face prison time and lose his home, in a case that raises a novel question: when is a programmer criminally responsible for the actions of his users? “Everybody seems to acknowledge that this software product had a legitimate purpose,” says Travis Morrissey, a lawyer in Hot Springs who represented Huddleston at his bail hearing. “It’s like saying that if someone buys a handgun and uses it to rob a liquor store, that the handgun manufacturer is complicit.”
Some experts say the answer to that question could have far reaching implications for developers, particularly those working on new technologies that criminals might adopt in unforeseeable ways.
Telegram is introducing the ability to make encrypted voice calls. Telegram is a little late to the party, with countless messaging services already offering voice calling. However, Telegram’s focus on end-to-end encryption means it’s bringing security to said party. Digital doormen, if you like.
Governments around the world are currently seeking to erode the use of encryption. Their argument is that this will stop terrorists communicating in secret. However, it isn’t just bad guys who take exception to being snooped on.
This is why Telegram exists. And why Telegram is now offering encrypted voice calls.
… Telegram is rolling out encrypted voice calls on Android and on iOS right now. The rollout is starting in Western Europe before expanding to the rest of the world. To gain the ability to make encrypted voice calls using Telegram you’ll need to update the app to v3.18.
Anonymous is as anonymous does. F. Gump
Some guidance for my Forensics students.
Digital security and its discontents—from Hillary Clinton’s emails to ransomware to Tor hacks—is in many ways one of the chief concerns of the contemporary FBI. So it makes sense that the bureau’s director, James Comey, would dip his toe into the digital torrent with a Twitter account. It also makes sense, given Comey’s high profile, that he would want that Twitter account to be a secret from the world, lest his follows and favs be scrubbed for clues about what the feds are up to. What is somewhat surprising, however, is that it only took me about four hours of sleuthing to find Comey’s account, which is not protected.
Last night, at the Intelligence and National Security Alliance leadership dinner, Comey let slip that he has both a secret Twitter and an Instagram account in the course of relating a quick anecdote about one of his daughters.
… As far as finding Comey’s Twitter goes, the only hint he offered was the fact that he has “to be on Twitter now,” meaning that the account would likely be relatively new. Regarding his Instagram identity, though, Comey gave us quite a bit more to work with:
... I care deeply about privacy, treasure it. I have an Instagram account with nine followers. Nobody is getting in. They’re all immediate relatives and one daughter’s serious boyfriend. I let them in because they’re serious enough. I don’t want anybody looking at my photos. I treasure my privacy and security on the internet. My job is public safety.
Both a noble sentiment and an extremely helpful clue for tracking down the FBI director’s social media accounts. Because, presumably, if we can find the Instagram accounts belonging to James Comey’s family, we can also find James Comey.
I want one!
AI Annihilates The Stock Market Achieving Eye-Popping Returns, Study Shows
Based on the results of a study conducted by an international team of researchers at the School of Business and Economics at Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU), AI-based algorithms can function as stock market traders. And they’re not just good at it. They’re actually much better than real live traders (man, that hurts). And they seemed to do particularly well during times of financial turmoil.
To arrive at these results, the team, headed by Dr. Christopher Krauss of the Chair for Statistics and Econometrics at FAU, studied the S&P 500 Index, which basically consists of the top 500 US stocks. For the period from 1992 to 2015, they used different methods, specifically, ‘deep learning, gradient boosting, and random forests’, to generate daily predictions for each of the 500 stocks.
… From the year 2000, the returns earned were higher than actual market returns by 30% per annum. In the nineties, the returns were even higher. And notably, the models did extra well at times when the financial market was most unstable.
… The results of the study have been published in the European Journal of Operational Research under the title “Deep neural networks, gradient-boosted trees, random forests: Statistical arbitrage on the S&P 500”.
(Related). Will Canada become ‘Silicon North?’
Vector Institute is just the latest in Canada's AI expansion
Canadian researchers have been behind some recent major breakthroughs in artificial intelligence. Now, the country is betting on becoming a big player in one of the hottest fields in technology, with help from the likes of Google and RBC.
How Many Robots Does It Take to Replace a Human Job?
… In a new paper, two economists—Daron Acemoglu, of MIT, and Pascual Restrepo, of Boston University—endeavor to answer the question of what an increasing number of robots will mean for workers.
… The study’s authors find that the addition of one robot per 1,000 workers reduces the employment-to-population ratio (the number of people actually employed in an area divided by the number of people of working age) by 0.18 to 0.34 percentage points, and reduces wages by between 0.25 and 0.5 percent. On the low end, this amounts to one new robot replacing around three workers. The impact is unsurprisingly most pronounced in manufacturing (particularly in the production side of the auto industry), electronics, chemicals, and pharmaceuticals, among others. Perhaps most importantly, there were negative effects for virtually all workers except managers.
While the findings might seem grim for workers, the authors note that just because an industry can automate doesn’t mean that it will. The choice to automate isn’t always the right one for companies, and it’s often dependent upon a host of other considerations, including cost.
U.S. music streaming sales reach historic high
… Overall music streaming saw 68 percent growth in 2016 compared with the year before, and the numbers were even more encouraging for subscription-based services from Spotify, Apple Music and Amazon. Subscription services enjoyed a spectacular 114 percent increase last year, rising to $2.5 billion. That's a crucial number to the U.S. music industry, which remains at least somewhat resistant to free streaming, with some artists still withholding their music from services like Spotify's free offering.
In short, the primary way people listen to music shifted dramatically in 2016. Streaming, and not downloads or physical album sales, is now king, and subscription services are the industry's top growth area.
… The rise of streaming has been stark. In 2011, total revenues from streaming platforms accounted for 9 percent of the market compared with 51 percent last year.
Probably the best guess. Although, this kerfuffle seems to go well beyond political neophytes learning on the job.
The Wall Street Journal is reporting that former National Security Advisor Mike Flynn told the FBI and Congress that he is willing to testify in exchange for immunity. But it’s not a serious offer, and it suggests he has nothing to say (or is not willing to say anything that would incriminate others). Although Flynn’s lawyer, Robert Kelner of Covington & Burling, refused to comment for the article, he tweeted out a statement teasing that “General Flynn certainly has a story to tell, and he very much wants to tell it, should the circumstances permit.”
As an experienced lawyer, Kelner will know that the Justice Department would never grant immunity for testimony on these terms. Prosecutors would first require that Flynn submit to what’s called a proffer session in which Flynn would agree to tell everything he knows in exchange for the prosecutors agreeing not to use his statement against him. Only after the prosecutors heard what Flynn could offer in terms of evidence against others, and had an opportunity to assess his credibility, would they be willing to discuss any grants of immunity or a cooperation deal. At a minimum, the prosecutors would require Flynn’s lawyer to make a proffer outlining the information that Flynn could provide.
The fact that Flynn and his lawyer have made his offer publicly suggests that he has nothing good to give the prosecutors (either because he cannot incriminate others or is unwilling to do so). If he had something good, Flynn and his lawyer would approach the prosecutors quietly, go through the proffer process in confidence, and reach a deal. Why? Because prosecutors have an interest in keeping their investigation secret, and Flynn’s lawyer knows that. The last thing Flynn’s lawyer would do if he thought he had the goods would be to go public, because that would potentially compromise the criminal inquiry and would certainly irritate the prosecutors, the very people Flynn’s lawyer would be trying to win over.
For my Computer Security students. Let’s build one on our 3D printer!
The Founding Fathers Encrypted Secret Messages, Too
Thomas Jefferson is known for a lot of things—writing the Declaration of Independence, founding the University of Virginia, owning hundreds of slaves despite believing in the equality of men—but his place as the “Father of American Cryptography” is not one of them.
My continuing quest to make my students rich. (All I ask is 1%)
How to Make Money With a Podcast
… Taylor initially wanted something to impress clients -- to show them how carefully his studio thinks about story and sound -- so he created Twenty Thousand Hertz as a highly produced series that explores the history of familiar sounds. It took 10 months to develop, now takes six weeks to make each episode (he produces multiples at a time and releases them biweekly) and costs real money
… Brands are asking him to advertise on the show -- which is to say, other brands want to pay to be inside his branded content. That’s the power of being nonpromotional.
You don’t need sponsors to make big bucks. Or big audiences! Podcast consultant Sachit Gupta says you’re better off making a show that connects with a niche group. “The more specific you are, the better you understand their problems,” he says. Then once you build that trust, you can create an online course, a book or consulting work they’ll pay for.
Something for the toolkit?
… how do you know the difference between a telemarketer and a family member?
Easy. Get a caller ID app. Caller ID apps identify callers in real time. That means the software checks the caller ID of the incoming number against a database of known telemarketers and scammers. They suffer from serious privacy issues — but if you aren’t concerned, or want to know more, read on.
For my students. Understanding the competition.
Highest Educational Levels Reached by Adults in the U.S. Since 1940
by Sabrina I. Pacifici on Mar 30, 2017
“More than one-third of the adult population in the United States has a bachelor’s degree or higher marking the first time in decades of data. “The percentage rose to 33.4 percent in 2016, a significant milestone since the Current Population Survey began collecting educational attainment in 1940,” said Kurt Bauman, Chief of the Education and Social Stratification Branch. “In 1940, only 4.6 percent had reached that level of education.” In 2010, less than 30 percent of those 25 and older had completed a bachelor’s degree or higher, and in 2006, 28 percent had reached that level of education. These findings come from the U.S. Census Bureau’s Educational Attainment in the United States: 2016 table package that uses statistics from the Current Population Survey Annual Social and Economic Supplement to examine the educational attainment of adults ages 25 and older by demographic and social characteristics, such as age, sex, race and Hispanic origin, nativity and disability status. The data also found that the average earnings in 2016 for those ages 25 and older whose highest educational attainment was high school were $35,615. The average earnings for those with a bachelor’s degree were $65,482 compared with $92,525 for those with an advanced degree…”