Amazon Echo Could Become an Attacker's Listening Device
The Amazon Echo is an
always-listening device designed to play music, answer questions via the Alexa
voice service, and control connected home devices such as WeMo, Hive and Nest. Now researchers have demonstrated that while
it listens to you, attackers could be listening to you as well.
Mike Barnes, a researcher at MWR Infosecurity, has
published details
of an attack that can compromise the device while leaving no evidence of
tampering. The attack requires physical
access, and continues work (PDF) published
last year by researchers from The Citadel, The Military College of South
Carolina.
… In effect,
everything that the Echo hears can now also be heard by attackers without any
alteration to the functionality of the Echo or evidence of tampering.
You can fool all the people some of the time…
White House officials tricked by email prankster
A self-described "email prankster" in the UK
fooled a number of White House officials into thinking he was other officials,
including an episode where he convinced the White House official tasked with
cyber security that he was Jared Kushner and received that official's private
email address unsolicited.
… Cyber experts
consulted by CNN say the incidents are illustrative of how vulnerable Americans
-- even those in the highest reaches of power -- remain to the potential threat
of spear-phishing, the process through which officials are duped by hackers,
and expose government computers and systems to various cyber threats.
Remember, these companies were NOT the target of this
attack. This is all collateral
damage.
Malware Attack Disrupts Merck's Worldwide Operations
American pharmaceutical
giant Merck revealed in its financial results announcement for the second
quarter of 2017 that a recent cyberattack has disrupted its worldwide
operations, including manufacturing, research and sales.
While Merck has not provided details about the incident in
its financial
report, the June 27 attack
referenced by the company is most likely the NotPetya malware outbreak that
affected tens of thousands of systems in more than 65 countries.
… Merck, which was
named as one of the victims of the NotPetya attack shortly after the outbreak
started, said on Friday that it had yet
to fully assess the impact of the disruption. The company said it had still been working on restoring operations and minimizing the
effects of the incident.
… Merck is just
one of several major companies affected by the NotPetya attack. The list also includes Ukraine's
central bank, Russian
oil giant Rosneft, UK-based advertising group WPP, Danish shipping
giant A.P. Moller-Maersk, and FedEx-owned TNT Express.
FedEx
reported last month that it had still been working on restoring
systems hit by the destructive malware attack, and admitted that it may not be
able to fully restore all affected systems and recover all the critical
business data encrypted by NotPetya.
Reckitt Benckiser, the British consumer goods company that
makes Nurofen, Dettol and Durex products, said the attack disrupted its ability
to manufacture and distribute products. The
firm estimated
that the incident could have an impact of £100 million ($130 million) on its
revenue.
No encryption?
Pity.
Hackers Threaten ‘Game of Thrones,’ as HBO Confirms Cyberattack
HBO confirmed on Monday that the network
had been the target of a cyberattack, as an anonymous hacker boasted about
leaking full episodes of upcoming shows along with written material from next
week’s episode of “Game of Thrones.”
In an email to
journalists, the hacker or hackers claimed to have obtained 1.5 terabytes of data from HBO, according to
Entertainment Weekly, which broke the news
Not really complete, but a place to start.
…and you thought Google was only an online threat.
From EPIC.org:
EPIC has filed a complaint with the FTC asking the Commission to investigate
Google’s tracking of in-store purchases. According to EPIC, Google collects billions of credit and debit card transactions and
then links that personal data to the activities of Internet users. Google claims that it protects online privacy
but refuses to reveal details of the algorithm that “deidentifies” consumers
while tracking their purchases. EPIC’s
complaint asks the FTC to stop Google’s tracking of in-store purchases and
determine whether Google adequately protects consumer privacy. EPIC has filed several successful FTC
complaints that led to FTC investigations, including complaints about changes
to Facebook’s privacy preferences and the launch of Google Buzz. EPIC has also focused on the adequacy of
privacy techniques, with complaints against AskEraser (search
histories that are not deleted) and Snapchat
(images that do not “vanish”). EPIC’s recent complaint against Google notes
that the company is seeking to extend its dominance of online advertising to
the physical world.
“Those who do not understand Privacy are willing to deny
it to all those ‘second class’ citizens out there.”
UK home secretary Amber Rudd says 'real people' don't need
end-to-end encryption
UK home secretary Amber Rudd has called on messaging apps
like WhatsApp to ditch end-to-end encryption, arguing that it aids terrorists.
Writing
in The Telegraph on Tuesday, the Conservative minister said that "real
people" don't need the feature and that tech companies should do more to
help the authorities deal with security threats.
… "The
inability to gain access to encrypted data in specific and targeted instances
... is right now severely limiting our agencies' ability to stop terrorist
attacks and bring criminals to justice."
I find this amusing.
Citing ‘basic physics,’ a judge berated the FAA over
shrinking airline seats
… In a fiery
ruling on Friday, an appeals court judge in Washington ordered the
Federal Aviation Administration to look into it what she called “the
Case of the Incredible Shrinking Airline Seat.”
Judge Patricia Millett upbraided the FAA for
“vacuous” and “vaporous” evidence that the agency previously used to argue
that diminishing leg room was not a problem — or at least not its problem.
… But when it came
to emergency evacuations — you know, those things a flight attendant reminds
you about before every departure — the court agreed with FlyersRights.org that
the “Incredible Shrinking Airline Seat” might be a problem.
The FAA had argued otherwise, the judge wrote, citing
studies and internal reviews to contend that seat spacing had no impact on
evacuations.
But FAA hadn’t actually shown anyone some of those
reports, the judge complained, writing information
that “no one can see does not count.” [Exactly what I tell my students! Bob]
I bet I could think of a hundred similar tests. If not, I’ll keep drinking beer until I do! Purely for science, of course.
Can Alcohol Fuel Creativity?
… The study
featured 70 young adults between the ages of 19 and 32. They began the experiment by taking one test
measuring executive function, and two measuring creative potential
… Upon completion,
participants were given beers to drink while they watched a half-hour
documentary. For half of them, it was a
standard alcoholic beer, while, for the others, it was a non-alcoholic brew of
nearly identical taste and color. The
subjects were not told which they were drinking. As planned, those who drank the real beer
ended up with a blood alcohol concentration of nearly 0.03.
Having quenched their thirst, all participants performed
the tests a second time. The key result:
Solution rates on the Remote Associates Test were higher among those who had
been drinking. There were no significant
differences on the Alternative Uses Task.
Even dumb questions can provoke good discussions.
No comments:
Post a Comment