Wednesday, July 19, 2017
Be sure to read ALL the documentation, especially that bit about default settings.
Kelly Sheridan reports:
A data leak at Dow Jones & Co. exposed the personal information of millions of customers after a public cloud configuration error. This marks the fifth major public cloud leak in the past several months after similar incidents affected Verizon, the WWE, US voter records, and Scottrade.
This mistake compromised millions of customers’ names, account information, physical and email addresses, and last four digits of credit card numbers. It also affected 1.6 million entries in Dow Jones Risk and Compliance, a collection of databases used by financial companies for compliance with anti-money laundering regulations.
Read more on Dark Reading.
[From the article:
All of this information was left exposed in an Amazon Web Services S3 bucket, which had its permission settings configured to let any AWS Authenticated User download data using the bucket's URL. Amazon defines "authenticated user" as anyone who has a free AWS account, meaning the data was available to more than one million users.
Kind of generic warning, unless they know something specific they don’t want to reveal.
UK Spy Agency Warns of State-sponsored Hackers Targeting Critical Infrastructure
The U.K. Government Communications Headquarters (GCHQ), Britain's secret eavesdropping agency, warns that 'a number of [UK] Industrial Control System engineering and services organisations are likely to have been compromised' following the discovery of 'connections from multiple UK IP addresses to infrastructure associated with advanced state-sponsored hostile threat actors.'
The warning comes from a National Cyber Security Centre (NCSC) memo obtained by Motherboard and confirmed by the BBC. NCSC is part of the UK's primary cyber intelligence agency, GCHQ.
From the little information available, it doesn't appear as if there are any specifically known compromises -- NCSC might simply be working from the statistical probability that if enough phishing attacks are launched, at least some will inevitably succeed.
I read this as, “We’re gonna do something as soon as we figure out what that might be.” Looks like they will reiterate basic security guidelines. Nothing on “Fake News?”
Former Clinton and Romney campaign chiefs join forces to fight election hacking
… The bipartisan project aims to develop ways to share key threat information with political campaigns and state and local election offices; create “playbooks” for election officials to improve cybersecurity; and forge strategies for the United States to deter adversaries from engaging in hacks and information operations, among other things.
… “This project will find practical solutions to help both parties and civic institutions that are critical to our elections better secure themselves.”
Attacking more subtly than with nukes.
AI Could Revolutionize War as Much as Nukes
In 1899, the world’s most powerful nations signed a treaty at The Hague that banned military use of aircraft, fearing the emerging technology’s destructive power. Five years later the moratorium was allowed to expire, and before long aircraft were helping to enable the slaughter of World War I. “Some technologies are so powerful as to be irresistible,” says Greg Allen, a fellow at the Center for New American Security, a non-partisan Washington DC think tank. “Militaries around the world have essentially come to the same conclusion with respect to artificial intelligence.”
Allen is coauthor of a 132-page new report on the effect of artificial intelligence on national security.
… The report also says that the US should soon be able to significantly expand its powers of attack and defense in cyberwar by automating work like probing and targeting enemy networks or crafting fake information.
(Related). And zombies! Don’t forget the zombies!
Top US general warns against rogue killer robots
The second highest-ranking general in the U.S. military on Tuesday warned lawmakers against equipping the military with autonomous weapons systems that humans could lose control of and advocated for keeping the "ethical rules of war" in place.
… "I don't think it's reasonable for us to put robots in charge of whether or not we take a human life," Selva told the committee.
Peters mentioned that the directive expires later this year, and told Selva that America's enemies would not hesitate to employ such technology.
Social Media as a tool…
How Brands Can Engineer Social Media Content
In the world of social media advertising, the biggest win for firms is when consumers are delighted by the content they see, want to engage with it and eventually buy something. Kartik Hosanagar, Wharton professor of operations, information and decisions, has co-authored research that takes a closer look at brand posts on Facebook to determine the type and mix of content advertisers should aim for to get results. The paper, “Advertising Content and Consumer Engagement on Social Media: Evidence from Facebook,” which was co-authored with Dokyun Lee of Carnegie Mellon University and Stanford University’s Harikesh Nair, is forthcoming in the journal Management Science. Hosanagar recently joined Knowledge@Wharton to discuss his findings.
We knew this, right?
Study: 1 in 4 U.S. Jobs At Risk of Offshoring
Researchers at Muncie, Indiana's Ball State University recently published an illuminating – and concerning – dive into expectations for the future health of the U.S. labor market in a paper titled "How Vulnerable Are American Communities to Automation, Trade and Urbanization?"
The answer: Pretty vulnerable.
Drawing on new and existing research focused on job movement and potential displacement in the U.S., the researchers indicated as many as 25 percent of American jobs could be offshored in the years ahead, at risk of replacement by foreign competition. And half of all low-skill jobs could eventually be automated, potentially displacing millions of U.S. workers.
… Since the recession that ended in 2009, researchers estimate "half the net establishment growth [or business formation] in the United States … occurred in just 0.64 percent of the more than 3,100 U.S. counties." [Okay, that I didn’t know. Bob]
Interesting. Perhaps we should change our Presentation course?
Does a presentation’s medium affect its message? PowerPoint, Prezi, and oral presentations
Moulton ST, Turkay S, Kosslyn SM (2017) Does a presentation’s medium affect its message? PowerPoint, Prezi, and oral presentations. PLoS ONE 12(7): e0178774. https://doi.org/10.1371/journal.pone.0178774
“Despite the prevalence of PowerPoint in professional and educational presentations, surprisingly little is known about how effective such presentations are. All else being equal, are PowerPoint presentations better than purely oral presentations or those that use alternative software tools? To address this question we recreated a real-world business scenario in which individuals presented to a corporate board. Participants (playing the role of the presenter) were randomly assigned to create PowerPoint, Prezi, or oral presentations, and then actually delivered the presentation live to other participants (playing the role of corporate executives). Across two experiments and on a variety of dimensions, participants evaluated PowerPoint presentations comparably to oral presentations, but evaluated Prezi presentations more favorably than both PowerPoint and oral presentations. There was some evidence that participants who viewed different types of presentations came to different conclusions about the business scenario, but no evidence that they remembered or comprehended the scenario differently. We conclude that the observed effects of presentation format are not merely the result of novelty, bias, experimenter-, or software-specific characteristics, but instead reveal a communication preference for using the panning-and-zooming animations that characterize Prezi presentations.”