Thursday, June 15, 2017

What procedures were violated?  E.g. Accepting a change of banks without verification?
Graham Cluley writes:
Southern Oregon University has announced that it is the latest organization to fall victim to a business email compromise (BEC) attack after fraudsters tricked the educational establishment into transferring money into a bank account under their control.
According to media reports, the university fell for the scam in late April when it wired $1.9 million into a bank account.  They believed they were paying Andersen Construction, a contractor responsible for constructing a pavilion and student recreation center.
Read more on TripWire.


I’m not sure we will ever be satisfied with the answers we find.  However there have been suggestions that I think would make vote tampering easily detectable. 
Questions increase over determining extent of Russia election hacking
by Sabrina I. Pacifici on Jun 14, 2017
NPR – If Voting Machines Were Hacked, Would Anyone Know? – “As new reports emerge about Russian-backed attempts to hack state and local election systems [Link], U.S. officials are increasingly worried about how vulnerable American elections really are.  While the officials say they see no evidence that any votes were tampered with, no one knows for sure.  Voters were assured repeatedly last year that foreign hackers couldn’t manipulate votes because, with few exceptions, voting machines are not connected to the Internet.  “So how do you hack something in cyberspace, when it’s not in cyberspace?”  Louisiana Secretary of State Tom Schedler said shortly before the 2016 election.  But even if most voting machines aren’t connected to the Internet, says cybersecurity expert Jeremy Epstein, “they are connected to something that’s connected to something that’s connected to the Internet…”
Nextgov – “Congressional concern is climbing—not for the first time—about government agencies using an anti-virus tool made by the respected but Russia-based security firm Kaspersky Lab.  The dustup is a case study in why securing government systems is devilishly complicated…”


So, what can we do about it?
The Internet, a historically unparalleled source of information and expression, has also become a playground for censorship, punishment and propaganda.  Not a day goes by where an individual is not arrested, prosecuted or threatened for the content of a tweet or a post.  States are ordering internet shutdowns in times of public protest, elections, and even school exams.  Governments enjoy surveillance capabilities that drill deep into the lives of journalists, activists, political opposition, and regular citizens.
1.      Network shutdowns devastate individuals and their communities … and are spreading:
2.      Surveillance is more secretive and invasive than ever:
3.      States must back up their commitments with action:
4.      Companies are on the front line of the fight for users’ rights:
5.      Transparency needed across the board:
Read the full report, which also discusses the erosion of net neutrality, and the human rights impact of standards developing organizations like the Internet Engineering Task Force, and its supplementary materials, here.


Perspective.
IoT spending to surpass $800 billion in 2017, led by hardware: IDC
Research firm IDC has released updated spending estimates for the Internet of Things. Overall, IDC expects IoT spending to grow 16.7 percent year-over-year in 2017, reaching just over $800 billion.
By 2021, global IoT spending is expected to total nearly $1.4 trillion, led by enterprise investments IoT hardware, software, services, and connectivity.


Is this bad?  Should we stop the little earthquakes and just wait for the big one? 
Gigantic increase in fracking related earthquakes spikes insurance costs
by Sabrina I. Pacifici on Jun 14, 2017
GOOD: “…According to the U.S. Geological Survey, prior to 2009, when oil and gas fracking in Oklahoma and neighboring states really started to boom, Oklahoma experienced roughly two earthquakes a year.  Now, the state sees as many as two or three earthquakes each day, leaping from an annual average of 99 between 2009-2013 to 585 in 2014.  By 2015, the state endured 887 earthquakes, including 30 that topped 4.0 on the Richter scale…”


Because writing out a grocery list is so “last year!”  
Amazon’s New Dash Wand Will Now Take Your Grocery Order
Amazon's new Dash Wand is the company's latest connected device aims to make buying groceries from AmazonFresh delivery service or other items from Amazon.com even easier.
About the size of a remote control, Dash Wand incorporates Alexa, the virtual personal assistant persona that drives Amazon's Echo devices.  That means users can tell it what to order or they can scan in product codes. It can search for recipes but, unlike Echo, it will not play music. [Sounds like a project for my Ethical Hacking students!  Bob]


Research tools?  My students are not encouraged to use “old” articles, which I define as more than 12 months old.  Perhaps I should make an exception here?
Google releases collection of highly cited subject matter papers
by Sabrina I. Pacifici on Jun 14, 2017
Google Scholar Blog: “Classic Papers: Articles That Have Stood The Test of Time – “Scholarly research is often about the latest findings – the newest knowledge that our colleagues have gleaned from nature.  Some articles buck this pattern and have impact long after their publication.  Today, we are releasing Classic Papers, a collection of highly-cited papers in their area of research that have stood the test of time.  For each area, we list the ten most-cited articles that were published ten years earlier.  This release of classic papers consists of articles that were published in 2006 and is based on our index as it was in May 2017.  To browse classic papers, select one of the broad areas and then select the specific research field of your interest…  The list of classic papers includes articles that presented new research.  It specifically excludes review articles, introductory articles, editorials, guidelines, commentaries, etc.  It also excludes articles with fewer than 20 citations and, for now, is limited to articles written in English.”


Looks like I need to develop another class.
Science and Technology Resources on the Internet – Text Mining
by Sabrina I. Pacifici on Jun 14, 2017
Science and Technology Resources on the Internet – Text Mining, by Kristen Cooper, Plant Sciences Librarian, University of Minnesota Libraries, University of Minnesota.  Issues in Science and Technology Librarianship, Spring 2017. DOI:10.5062/F4K0729W.
“As defined by Bernard Reilly (2012), president of the Center for Research Libraries, text mining is “the automated processing of large amounts of digital data or textual content for the purpose of information retrieval, extraction, interpretation, and analysis.”  The first step is to find or build a corpus, or the collection of text that a researcher wishes to work with.  Most often researchers will need to download this corpus to either their computers or an alternative storage platform.  Once this has been done, different tools can be used to find patterns, biases, and other trends that are present in the text (Reilly 2012).  Within higher education, text mining is most often found among the digital humanities and linguistics studies.  However it is growing in popularity in the science and technology fields…”

(Related).
VC firm Andreessen Horowitz explains why it led a $23 million round in a social network for data
Andreessen Horowitz, one of Silicon Valley's most prominent venture capital firms, has placed a bet on a start-up called Instabase that's quietly building a web service where data scientists and less technical users can work with data, CNBC has learned.
   So in 2014, Anant Bhardwaj and his colleagues at MIT's renowned Computer Science and Artificial Intelligence Laboratory (CSAIL), along with other academic researchers, detailed a new system for data called DataHub in a paper.  DataHub, now available on GitHub under an open-source license, forms the basis of Instabase.
But the start-up's web service is billed as being in preview and only lets a small number of people start using it every few days.
Once on the website, users can post data sets, which other users can explore, query, chart and contribute to them.  The service keeps track of changes to data just as GitHub stores updates to code files.


Perspective.  IBM wins at Chess and Go – this is the best Microsoft can do?
Microsoft AI plays a perfect game of Ms Pac-Man


Now that’s an attention-grabbing promotion!
Baseball Team Will Give Fans Pregnancy Tests at 'You Might Be the Father's Day' Game
When the marketing team of AA baseball team the Jacksonville Jumbo Shrimp steps up to the plate, they swing for the fences.
The theme of this coming Thirsty Thursday is “You Might Be the Father’s Day,” and the team will be distributing pregnancy tests to fans so that, according to the promotion, “you'll know if you need to return for Sunday's Father's Day game.”

No comments: