Saturday, July 29, 2017

Perfect timing?  Remember, it’s the hacks that aren’t shared that you have to worry about.
Tesla Model X Hacked by Chinese Experts
Security researchers from China-based tech company Tencent have once again demonstrated that they can remotely hack a Tesla.  The vulnerabilities they leveraged were quickly patched by the carmaker.
Tencent’s Keen Security Lab published a video last year showing how they could hack a Tesla Model S, both while it was parked and on the move.  They took control of the sunroof, turn signals, displays, door locks, windshield wipers, mirrors, the trunk and even the brakes.
At the time, Tesla patched the vulnerabilities within 10 days, but claimed that the vulnerabilities were not as easy to exploit as it appeared from the video published by Keen Security Lab researchers.
In a new video and blog post published this week, the researchers claim they’ve once again managed to hack a Tesla, this time a Model X, via a Controller Area Network (CAN bus) and Electronic Control Unit (ECU) attack.
   In its video, Keen Security Lab showed that it managed to remotely unlock the doors and trunk in parking mode, control the brake in driving mode, and put on a light show using the car’s headlights and taillights by taking control of multiple ECUs.

Roomba attempts a foot-ectomy after sticking its foot firmly in its mouth. 
iRobot, the maker of Roomba, made big news this week when an interview with its CEO mentioned plans to sell the map data of customers’ homes to third parties.  Today, the company launched damage control measures and the CEO is spreading assurances that this is all just a big misunderstanding.
   We reached out to a spokesperson for iRobot, who tells Gizmodo that Reuters’ original article about iRobot contained “an unintentional misinterpretation of Colin’s statements.”  In fact, Reuters issued a correction today.  The paragraph that set off a firestorm has now replaced the words “sell maps” with “share maps for free with customer consent.”
   So we know that Reuters admits to the misunderstanding, but iRobot is still saying that it’s considering sharing all that map data, just that they won’t sell it for cash.  And a great way to guarantee “iRobot will never sell your data” would be to include those exact words in Roomba’s privacy policy. But iRobot wouldn’t commit to that.
   We’ve attempted to get more information about exactly what data is being stored by iRobot but company reps have avoided specificity.

For the next time I teach Computer Security.
Brad D. Williams reports:
Critical infrastructure operators have long faced the formidable security challenges of zero-day vulnerabilities and advanced persistent threats (APTs), both of which were employed in some of the most prominent cyberattacks in the sectors to date.  But one researcher is warning leaders in government and industry of an old threat that, fueled by recent legislation and commercial practices, is quickly surpassing zero days and APTs as perhaps the greatest risk to critical infrastructure security.
The threat is what might be called “weaponized metadata,” and the risks are detailed extensively in a new report, Metadata: The Most Potent Weapon in this Cyberwar, recently published by the Institute for Critical Infrastructure Technology (ICIT), a Washington, D.C.-based cybersecurity think tank.
Read more on Federal Times.

The second-best way works too.  (If you can’t out talk them, bomb them)
The US-Led Coalition Is Steadily Decimating ISIS’s Propaganda Operation
U.S.-executed decapitation strikes are eliminating key ISIS propaganda leaders and hacking away at the terror group’s ability to broadcast its jihadist message across the world from its dwindling holdfasts in Syria and Iraq, Operation Inherent Resolve announced on July 27.

Friday, July 28, 2017

Is nothing sacred?  A very understandable illustration.  Now think about the same types of hack in other environments.   
Researchers Demo Physical Attack via Car Wash Hack
LAS VEGAS - BLACK HAT USA - Researchers have created proof-of-concept (PoC) exploits to demonstrate how hackers can cause physical damage to vehicles and injure their occupants by remotely hijacking a connected car wash.
The attack was detailed in a presentation at the Black Hat security conference this week by WhiteScope founder Billy Rios, a researcher best known for finding vulnerabilities in medical devices and industrial control systems (ICS), and Dr. Jonathan Butts, founder of QED Secure Solutions and committee chair for the IFIP Working Group on Critical Infrastructure Protection.
The experts pointed out that automated car wash systems are essentially ICS and, just like industrial systems, they can be hacked and manipulated.
   Rios and Butts discovered that the web-based administration panel for the product, which is in many cases accessible directly from the Internet, has many features, including for sending email alerts and a widget for social media.
However, the more problematic issue is that both the owner and engineer accounts for the web interface are protected by weak default passwords.  They also discovered that the authentication mechanism can be bypassed by a hacker.

(Related).  What’s next?
Joshua Philipp reports:
Cyber mercenaries are breaching the systems of governments, financial institutions, critical infrastructure, and businesses, then selling access to them on a marketplace on the darknet, a hidden internet accessible only via specialized software.
All of this is happening on a darknet black marketplace known as the CMarket or “Criminal Market,” formerly known as “Babylon APT.”  The marketplace contains a public market, invite-only submarkets, and hacker-for-hire services ready to breach any network in any country.
The Epoch Times was provided with analysis, screenshots, and chat logs from the marketplace by darknet intelligence company BlackOps Cyber.  An undercover operative for the company gained access to the marketplace’s invite-only sections and grew close to several of its top members.
Read more on The Epoch Times.

Another one?!?!  Apparently, their strategy does not allow for anything that may go wrong. 
Wells Fargo Broadsided Anew With an Auto Insurance Sales Scandal
Wells Fargo & Co.’s campaign to rebuild customer and shareholder trust just hit another bump, as the bank said it may have pushed thousands of car buyers into loan defaults and repossessions by charging them for unwanted insurance.
An internal review of the bank’s auto lending found more than 500,000 clients may have unwittingly paid for protection against vehicle loss or damage while making monthly loan payments, even though many drivers already had their own policies,  Wells Fargo said in a statement late Thursday.  The firm said it may pay as much as $80 million to affected clients -- with extra money for as many as 20,000 who lost cars, “as an expression of our regret.”

Very timely.  My Architecture class will be discussing metrics this week!
Report Depicts Shameful State of Cybersecurity Metrics
For years, Security has sought the ear of the Board and claimed it was not offered.  Today the Board is listening; but all too often Security talks in a language that Business does not understand.  There is a solution, but it is not yet maximized.  That solution is Metrics, a language spoken and understood by both Business and Security; but not widely or effectively used.
The size of the task can be seen in just two statistics from Thycotic's 2017 State of Cybersecurity Metrics Annual Report (PDF).  Firstly, 1 in 3 companies invest in cybersecurity technologies without any way to measure their value or effectiveness.
   The second statistic is that four out of every five companies fail to include business stakeholders in cybersecurity investment decisions.  The result, in combination, is that through no direct fault of its own, Business doesn't understand what Security is doing, and has no way of knowing whether it is effective.
   Using metrics to demonstrate the overall efficiency or lack of efficiency in a company's cybersecurity posture is difficult but not impossible.  At the moment, however, companies are not making use of, or even collecting, the statistics that are readily available.  For example, four out of five companies never measure the success of security training investments. 
Two out of three companies don't fully measure whether their disaster recovery will work as planned.  And while 80% of breaches involve stolen or weak credentials (from Verizon's DBIR), 60% of companies still do not adequately protect privileged accounts.

An all too common failure, given low priority.  Watch what happens when North Korea crashes their systems.
SEC must improve how it protects its networks against cyberattacks, says watchdog
Wall Street’s top U.S. regulator needs to improve the way it protects its own computer networks from cyber attacks, according to a new report by a congressional watchdog office.
The 27-page report by the Government Accountability Office found the Securities and Exchange Commission did not always fully encrypt sensitive information, used unsupported software, failed to fully implement an intrusion detection system and made missteps in how it configured its firewalls, among other things.
“Information security control deficiencies in the SEC computing environment may jeopardize the confidentiality, integrity, and availability of information residing in and processed by its systems,” the GAO said.

Just in case you Mac users were starting to feel all safe and secure…
WikiLeaks Details Mac OS X Hacking Tools Used by CIA
The latest round of documents published by WikiLeaks as part of a leak dubbed by the organization “Vault 7” describes several tools allegedly used by the U.S. Central Intelligence Agency (CIA) to target Mac OS X and other POSIX systems.
The tools, said to be part of a CIA project named “Imperial,” are called Achilles, Aeris and SeaPea.

Large collections of data are valuable.  No surprise that people will want to use a database that contains information on everyone in the country!
Ola employee accused of data theft from Aadhaar website
The Unique Identification Authority of India (UIDAI) has registered a case with the Bengaluru Police against Abhinav Srivastava and Qarth Technologies Pvt Ltd for misusing Aadhaar data obtained from its website without any authentication.
Chennai-based Qarth Technologies was acquired by India's largest taxi aggregator Ola in March last year, to help grow its in-house payments service.
   While the report does not divulge any further details on the nature of the violation, a cyber expert who did not want to be named speculated that Qarth could have been using someone else's license to access Aadhaar data for eKYC, which is not allowed as per the regulations set by the Aadhaar Act.

If the courts do it this way, following their example might be wise.
Ebook – Best Practices for Court Privacy Policy Formulation
“A State Justice Institute supported report, “Best Practices for Court Privacy Policy Formulation” authored by three of our NCSC colleagues, Tom Clarke, Jannet Lewis and Di Graski has just been released.
The report begins: “As state and local courts progressively convert their business processes from paper to electronic formats, policies around remote electronic access to court case information by the public become ever more important.  COSCA last addressed this issue comprehensively in 2002 with a report authored by Martha Steketee and Alan Carlson that proposed a model policy for public access.  At that time, few courts had implemented electronic filing, so the model policy addressed both manual and electronic access.  In the fifteen years since then, courts have learned a lot about living in an electronic world and providing remote access to their case data and documents.  Consequently, there is a need to update what we know about this topic and revise the model policy.” 

Can we expect the same for President Trump as he deletes tweets and blocks people?
Court Rules Against Politician Who Banned Access to Her Facebook Page
A federal court in Virginia ruled that a local politician violated the free-speech rights of a constituent she banned from her Facebook page, in a case the judge said raises “important questions” about the constitutional restrictions that apply to social media accounts of elected officials.

Perhaps Rolls Royce is showing us what will be possible with self-driving cars.  (This one is not self-driving.)
Phantom VIII Heralds Arrival Of The House Of Rolls-Royce
   The 8-speed ZF gearbox retains satellite-linked intelligence, which reads GPS data about the road ahead then preloads shift sequences for upcoming corners.

Thursday, July 27, 2017

My students have been discussing this.  They were shocked that government “managers” go off so lightly. 
Sweden Data Scandal Costs Two Ministers Their Jobs
Two Swedish ministers lost their jobs on Thursday over a huge leak of sensitive data that has rocked the fragile centre-left government.
But Prime Minister Stefan Lofven vowed he would be staying on despite speculation he could call a snap election.
Interior Minister Anders Ygeman, a political heavyweight previously seen as a likely future prime minister, has resigned, Lofven said at a press conference, adding that Infrastructure Minister Anna Johansson will also step down.
   The scandal has blown up in recent weeks after it emerged that an entire database on Swedish drivers' licences was made available to technicians in the Czech Republic and Romania, with media reporting that the identities of intelligence agents may have been jeopardised.
   Swedish Defence Minister Peter Hultqvist kept his job in the reshuffle despite facing claims that, like the interior minister, he knew about the scandal but failed to tell the premier.
However, Hultqvist still faces the threat of being forced out in a censure motion launched by the opposition on Wednesday against all three ministers caught up in the scandal.

Interesting because Diebold also make voting machines.
Critical Vulnerability Found in Diebold ATM Machine
Seattle-based IOActive has issued a critical security advisory detailing a physical and authentication bypass in the Diebold Opteva ATM.
"IOActive has discovered two vulnerabilities in Opteva ATMs with the AFD platform that, when combined," warns the advisory "may allow an unauthorized user to vend notes from the device."
The combined use of the vulnerabilities is necessary because of ATMs' practice of separating the safe from the operating system. Diebold's Opteva line of ATMs with the AFD platform contain an upper cabinet for the operating system and a lower cabinet for the safe, each with its own authentication requirements.

Without hard currency, Kim can’t buy luxury goods.
North Korea’s Army of Hackers Has a New Target: Bank Accounts — “Operates Like Organized Crime”
North Korea’s cyberarmy has splintered into multiple groups and is unleashing orchestrated attacks increasingly focused on funneling stolen funds to the secretive nation, according to a government-backed South Korean report released Thursday.
The emphasis on finances represents a significant shift from Pyongyang’s prior patterns of attack seeking to obtain military information, destabilize networks or intimidate.  It also shows how North Korea’s fast-evolving—but costly—nuclear-missile program has accelerated its need for cash as it is subjected to financial sanctions.
   “North Korea now cares more about making money than causing disruptions or cyberterrorism,” said Joon Kim, owner of Naru Security Inc., who has advised South Korean law enforcement on cyber issues.
South Koreans have a unique lens into North Korea’s cyberoffenses, as Pyongyang’s longest-running and most frequent target.  South Korean government groups and agencies withstand 1.4 million hacking attempts a day, according to law-enforcement and intelligence officials.

Interesting paraphrase of “Those who do not study history…”
Those who fail to pay attention are often the first to succumb to new hacks and scams
   Scammers, having noted that mobile traffic is now greater than PC traffic on a worldwide scale, are starting to adapt their techniques to take advantage of mobile users.  And seeing as how mobile devices tend to be less protected than PCs, this is a winning move for them.
   Here’s an example URL from PhishLabs:
Visiting the site presents you with an exact replica of the actual mobile version of Facebook’s homepage, asking you to enter your credentials so you can log in.  A knowledgeable-but-inattentive user might glance at the URL, see, consider the coast clear, and sign in.
Once you enter your credentials, the game is over.
   Keen readers will note that the actual domain of this suspicious URL is
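The trick described above works because the eye reads the familiar brand at the start of the hostname and never reaches the registrable domain at the end.  The check below is an added example (my code, not PhishLabs' or the article's) that pulls the registrable domain out of a URL and flags brand names that appear only in the subdomain prefix or the path.  The sample URLs are constructed for the demo, and the tiny public-suffix set is a stand-in for the real Public Suffix List (a production check would load the full list, for instance through the tldextract package).

```python
from urllib.parse import urlsplit

# Constructed stand-in for the Public Suffix List (assumption for this example).
PUBLIC_SUFFIXES = {"com", "net", "org", "co.uk"}

# Brands whose login pages are commonly imitated.
BRANDS = {"facebook", "paypal", "google", "apple"}


def registrable_domain(host):
    """Return the registrable domain of host (the label just above the public suffix)."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return host.lower()
    # Try the longest candidate suffix first so "co.uk" wins over "uk".
    for n in range(len(labels) - 1, 0, -1):
        if ".".join(labels[-n:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[-(n + 1):])
    return ".".join(labels[-2:])


def assess_url(url):
    """Flag URLs where a brand name is used as a subdomain/path decoration of some other domain."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if not host:
        return {"host": host, "registrable_domain": "", "suspicious": True,
                "findings": ["no hostname in URL"]}
    reg = registrable_domain(host)
    owner_label = reg.split(".")[0]
    # Everything to the left of the registrable domain is attacker-controlled decoration.
    prefix = host[: len(host) - len(reg)]
    location = (parts.path + "?" + parts.query).lower()
    findings = []
    for brand in sorted(BRANDS):
        if brand == owner_label:
            continue  # the brand really owns this domain
        if brand in prefix:
            findings.append(f"'{brand}' appears as a subdomain of {reg}")
        elif brand in location:
            findings.append(f"'{brand}' appears in the path of {reg}")
    # Padding tricks push the real domain off the edge of a narrow mobile address bar.
    if len(host) > 60:
        findings.append(f"hostname is {len(host)} characters long")
    if "---" in host:
        findings.append("run of hyphens used as hostname padding")
    return {"host": host, "registrable_domain": reg,
            "suspicious": bool(findings), "findings": findings}


# Constructed sample URLs for the demo (not the PhishLabs URL).
SAMPLES = [
    "https://m.facebook.com/login/",
    "https://m.facebook.com-----------------validate-account----step2.example.net/login.php",
    "https://secure-login.example.org/facebook/m/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        result = assess_url(sample)
        print(result["registrable_domain"], result["suspicious"], result["findings"])
```

The registrable domain, not the leading labels, is the only part of the hostname the certificate and DNS actually vouch for; any mobile-aware phishing filter should be keyed on it.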

Fight back against ransomware.
NoMoreRansom Says 28,000 Victim Devices Decrypted
This week marks the one-year anniversary of the launch of the NoMoreRansom project.  The project comprises an alliance of law enforcement agencies and private industry, currently totaling 109 partners.  Its purpose is to gather all known ransomware decryptors in one location (the NoMoreRansom website) so that ransomware victims can at least attempt to decrypt encrypted files.
The project was launched on July 25, 2016 by the Dutch National Police, Europol, McAfee and Kaspersky Lab and now holds access to 54 decryption tools provided by 9 partners and covering 104 ransomware families.  The site itself is available in 26 languages.

How might we use these techniques other than in elections? 
Russian Spies Used Facebook To Trick Macron Allies: Report
The Kremlin has long denied French President Emmanuel Macron's allegations of Russian subterfuge during his election campaign, but three different sources, including a U.S. congressman, have now told Reuters that an attempted surveillance operation on Macron did take place on social media.
According to the report, around two dozen Facebook accounts were created in the run-up to the election in attempts to infiltrate Macron's social circles, likely with malicious intent.
   During the alleged operation, Russian agents posed as people with common acquaintances of Macron’s associates and sought personal information about the candidate’s social life.
   Macron’s campaign suspected Russian intervention when his team was the target of a hack days before the election earlier this year, though French authorities have so far not blamed the cyberattack on any government.
U.S. intelligence agencies told Reuters in May that hackers with connections to the Russian government were involved in the French election, but they did not have conclusive evidence that the Kremlin ordered the hacking.

(Related).  Somewhat of a “Users Guide.”  Who would you like to be elected President in 2020?
Paper – The spread of fake news by social bots
The spread of fake news by social bots, Chengcheng Shao, Giovanni Luca Ciampaglia, Onur Varol, Alessandro Flammini, and Filippo Menczer. Indiana University, Bloomington. July 24, 2017.
“The massive spread of fake news has been identified as a major global risk and has been alleged to influence elections and threaten democracies.  Communication, cognitive, social, and computer scientists are engaged in efforts to study the complex causes for the viral diffusion of digital misinformation and to develop solutions, while search and social media platforms are beginning to deploy countermeasures.  However, to date, these efforts have been mainly informed by anecdotal evidence rather than systematic data.  Here we analyze 14 million messages spreading 400 thousand claims on Twitter during and following the 2016 U.S. presidential campaign and election.  We find evidence that social bots play a key role in the spread of fake news.  Accounts that actively spread misinformation are significantly more likely to be bots.  Automated accounts are particularly active in the early spreading phases of viral claims, and tend to target influential users.  Humans are vulnerable to this manipulation, retweeting bots who post false news.  Successful sources of false and biased claims are heavily supported by social bots.  These results suggest that curbing social bots may be an effective strategy for mitigating the spread of online misinformation.” [via Pete Weiss]

Ensuring that no one interferes with Mark Zuckerberg’s run in 2020?  
Facebook funds Harvard group trying to fight election hacking
   The social media giant’s money will go to Defending Digital Democracy, a group led by former campaign chairs for Hillary Clinton and Mitt Romney, based at Harvard’s Kennedy School of Government.
   At Black Hat, an IT security conference, Facebook Chief Security Officer Alex Stamos said the project was born out of the company realizing that no one was taking responsibility for issues of election hacking.
   Facebook's efforts in the space come after CEO Mark Zuckerberg initially downplayed the platform being used as a mechanism to try to influence the election. 
"To think [Facebook] influenced the election in any way is a pretty crazy idea," Zuckerberg said last November after the election.

X rays probably won’t kill your laptop. 
TSA to require electronics larger than cellphones be X-rayed
The Transportation Security Administration (TSA) announced Wednesday that travelers will now be required to place all electronics larger than a cellphone into separate bins in order to receive X-ray screening.
It’s the latest move from the Trump administration as it looks to ramp up national security.
   The policy will not apply to passengers enrolled in TSA’s PreCheck program, and there have not been any changes to what is allowed in carry-on bags.

Is this what will replace Obamacare?
Amazon has a secret health care team called 1492 focused on medical records, virtual doc visits
   The new team is currently looking at opportunities that involve pushing and pulling data from legacy electronic medical record systems.  If successful, Amazon could make that information available to consumers and their doctors.  It is also hoping to build a platform for telemedicine, which in turn could make it easier for people to have virtual consultations with doctors, one of the people said.  

Interesting when viewed with the next article.
Meg Whitman leaves HP's board

(Related).  How bad does Meg want this job? 
Uber’s New CEO Short List Is Said to Include HPE’s Meg Whitman

WhatsApp: Now one billion people send 55 billion messages per day
The eight-year old messaging app WhatsApp is now used by one billion people every day.
WhatsApp reached the one billion active monthly user milestone a year ago, and now has 1.3 billion monthly active users, most of whom use it daily, according to WhatsApp.
WhatsApp shared the daily active user numbers in a blogpost along with other metrics showing how people use the app following Facebook's Q2 2017 earnings yesterday.

Perspective.  What works well on desktops is not as handy on Smartphones, the new hardware environment.
Google is killing Instant Search, which rendered search results in realtime as you typed.  The problem, according to Google, is we all now do most of our searching on smartphones, and Instant Search makes no sense on smartphones.  So killing the feature is the only sensible option.

On occasion, I find small companies that strike me as potentially important.  This might be one.
WalkMe raises $75M at a ‘$935M’ valuation for its on-screen guidance tech
Today, WalkMe — a company that has built a cloud-based platform for businesses to make web and mobile interfaces and experiences easier to navigate with on-screen guidance and prompts — has raised $75 million.
   WalkMe’s core premise is that it builds tools to make a business’s software and apps more usable by its employees and customers.  When it was still a young company, back in 2012, I snarkily compared it to Microsoft’s Clippy, for its mission of offering assistance and helping show users around different features.
In reality, WalkMe’s platform is more powerful and complex than this: it observes how a user makes his or her way around a page on the screen, anticipates what that user might want to do next and notices when there are problems, and then makes suggestions and other helpful nudges.
It taps into the constant issues that business and software makers have with UX and UI that keep products from being utilised quite how people hope they will be.

Stocking my Digital Forensics toolkit.
FireEye Releases Free Malware Analysis Toolbox
   FLARE VM – where FLARE stands for FireEye Labs Advanced Reverse Engineering – is a Windows-based security distribution inspired by Linux distros such as Kali and REMnux.  It was developed by FireEye threat researcher Peter Kacherginsky in order to address the challenges associated with maintaining a custom VM.
It provides a platform that includes a comprehensive collection of security tools that can be used to conduct malware analysis, reverse engineering, incident response, forensic investigations and penetration testing.  It includes disassemblers, debuggers, decompilers, static and dynamic analysis, exploitation, vulnerability assessment, and network analysis tools.
   FireEye has made available usage instructions and source code on GitHub.  A blog post published by the company also provides an example for how FLARE VM can be used to analyze a malware sample.

(Related).  Guidance is another big player in this field.  Apparently, Digital Forensics is gaining in importance. 
OpenText acquires forensic security vendor Guidance Software for $240 million
   This acquisition gives the company some overlapping functionality too, but Cheryl McKinnon, an analyst with Forrester Research who monitors the content management industry, says it also gives the company forensics tools, which are new to them.
“It certainly adds, with some overlap, to their eDiscovery and file analytics portfolio (i.e., those tools to clean up network drives, detect sensitive text inside documents, etc.).  But OpenText has never had anything focused more on the forensic side of the discovery business — that is, more security, deeper inspection of how information [has been] accessed, copied, etc. So that forensics side is net new for them,” McKinnon explained.
Not surprisingly, the company is focusing on that forensic piece in its announcement, but it’s also getting a rich set of eDiscovery tools, and a customer list that includes 78 of the Fortune 100 companies, according to the Guidance website.

Have 3D printer, will print.
View and Print in 3D More Than 200 Objects from The British Museum
The British Museum collection on Sketchfab contains 216 3D models of artifacts in The British Museum's collections.  You can view these models in 3D in your web browser or in a virtual reality viewer.  (To view the models in your browser your browser needs to support WebGL, you can test your browser here).  If you have a 3D printer, you can print the models yourself by downloading the corresponding files from Sketchfab.  You can also embed the models into a webpage as I have done below.
   Speaking of 2D views, the museum does offer more than one million images of their artifacts.

Just because…

Wednesday, July 26, 2017

Big Data, big breaches, huge numbers of records stolen…  The market for my Computer Security students should also be huge. 
2,227 Breaches Exposed 6 Billion Records in First Half of 2017: Report
The number of publicly disclosed data compromise events through June 30 remained in line with the number of breaches disclosed mid-way through 2015 and 2016, but the total number of records exposed surpassed 2016’s year-end high mark.
The top 10 data breaches exposed 5.6 billion of the 6 billion records compromised, and had an average severity score of 9.82 out of 10.0, Risk Based Security’s report (PDF) reveals.

(Related).  Sounds small compared to the cost of all security breaches, but smaller victims are hit hard.
Russell Brandom reports:
Ransomware victims have paid more than $25 million in ransoms over the last two years, according to a study presented today by researchers at Google, Chainalysis, UC San Diego, and the NYU Tandon School of Engineering.  By following those payments through the blockchain and comparing them against known samples, researchers were able to build a comprehensive picture of the ransomware ecosystem.
Read more on The Verge.
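The study's method, following payments through the blockchain and comparing them against known samples, rests on two routine forensic steps: clustering addresses that are spent together in one transaction (the common-input-ownership heuristic) and tracing outputs forward hop by hop.  The code below is an added example (mine, not the researchers' code or Chainalysis' tooling) over a constructed toy ledger; the transactions, addresses and the single "known ransom address" are all invented for the demo, and real work would pull the same fields from a full node or block explorer.

```python
from collections import defaultdict, deque

# Constructed toy ledger (assumption for this example): each transaction lists the
# addresses it spends from and its (address, amount in BTC) outputs.
TXS = [
    {"id": "t1", "inputs": ["victimA"], "outputs": [("ransom1", 0.5)]},
    {"id": "t2", "inputs": ["victimB"], "outputs": [("ransom2", 0.5)]},
    # Consolidation: both ransom addresses spent in one tx, so one party holds both keys.
    {"id": "t3", "inputs": ["ransom1", "ransom2"], "outputs": [("collector", 0.99)]},
    {"id": "t4", "inputs": ["collector"], "outputs": [("exchange_deposit", 0.98)]},
    {"id": "t5", "inputs": ["shopper"], "outputs": [("merchant", 0.1)]},
]

# Address taken from a ransom note in an analysed sample (constructed for the demo).
KNOWN_RANSOM_ADDRESSES = {"ransom1"}


def cluster_by_common_input(txs):
    """Union-find over input addresses: inputs of one tx are assumed to share an owner.
    Returns a map address -> frozenset of the addresses in its cluster."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path halving
            a = parent[a]
        return a

    def union(a, b):
        ra, rb = find(a), find(b)
        if ra != rb:
            parent[ra] = rb

    for tx in txs:
        ins = tx["inputs"]
        find(ins[0])  # register single-input addresses too
        for other in ins[1:]:
            union(ins[0], other)
    members = defaultdict(set)
    for addr in parent:
        members[find(addr)].add(addr)
    return {a: frozenset(group) for group in members.values() for a in group}


def ransom_volume(txs, cluster):
    """Sum of payments into the cluster from outside it (internal moves are not revenue)."""
    total = 0.0
    for tx in txs:
        if any(i in cluster for i in tx["inputs"]):
            continue  # the cluster paying itself, e.g. consolidation
        for addr, amount in tx["outputs"]:
            if addr in cluster:
                total += amount
    return round(total, 8)


def trace_forward(txs, start, max_hops=3):
    """Breadth-first walk of where funds go after leaving the start addresses.
    Returns address -> number of hops at which it was first reached."""
    spends = defaultdict(list)
    for tx in txs:
        for addr in tx["inputs"]:
            spends[addr].append(tx)
    reached = {}
    queue = deque((addr, 0) for addr in start)
    while queue:
        addr, hops = queue.popleft()
        if hops >= max_hops:
            continue
        for tx in spends.get(addr, []):
            for out_addr, _ in tx["outputs"]:
                if out_addr not in reached and out_addr not in start:
                    reached[out_addr] = hops + 1
                    queue.append((out_addr, hops + 1))
    return reached


if __name__ == "__main__":
    clusters = cluster_by_common_input(TXS)
    for known in KNOWN_RANSOM_ADDRESSES:
        group = clusters.get(known, frozenset({known}))
        print(known, "cluster:", sorted(group))
        print("ransom revenue:", ransom_volume(TXS, group), "BTC")
        print("downstream:", trace_forward(TXS, group))
```

Starting from one address seen in a sample, the co-spend in t3 pulls in a second ransom address (and so a second victim's payment) that no sample ever mentioned, which is exactly how one known note grows into an estimate of a whole family's takings.  The heuristic has known false positives (CoinJoin-style transactions deliberately mix unrelated owners' inputs), so a real analysis treats these clusters as leads, not proof.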

Addressing claims of underreporting? 
HHS Unveils Improved Web Tool to Highlight Recent Breaches of Health Information
“The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) today launched a revised web tool that puts important information into the hands of individuals, empowering them to better identify recent breaches of health information and to learn how all breaches of health information are investigated and successfully resolved.  The HIPAA Breach Reporting Tool (HBRT) features improved navigation for both those looking for information on breaches and ease-of-use for organizations reporting incidents.
   The HBRT may be found at:  For additional information on HIPAA breach notification, visit:

For my Computer Forensic students.

Searching for Privacy violations is probably not high on their priority list. 
Newly declassified memos detail extent of improper Obama-era NSA spying
The National Security Agency and Federal Bureau of Investigation violated specific civil liberty protections during the Obama years by improperly searching and disseminating raw intelligence on Americans or failing to promptly delete unauthorized intercepts, according to newly declassified memos that provide some of the richest detail to date on the spy agencies’ ability to obey their own rules.
The memos reviewed by The Hill were publicly released on July 11 through Freedom of Information Act litigation by the American Civil Liberties Union.
They detail specific violations that the NSA or FBI disclosed to the Foreign Intelligence Surveillance Court or the Justice Department's national security division during President Obama’s tenure between 2009 and 2016.
   The NSA says that the missteps amount to a small number — less than 1 percent — when compared to the hundreds of thousands of specific phone numbers and email addresses the agencies intercepted through the so-called Section 702 warrantless spying program created by Congress in late 2008.

I wonder how our intelligence services are using this.  Could we be supplying a bit of propaganda?  Trolling for potential defectors?  Attempting to recruit regime changers?
North Korea's Elite More Connected Than Previously Thought
Telecommunications capability in North Korea is three-tiered.  The vast majority of people have neither internet nor North Korean intranet connectivity -- they simply have mobile telephony voice, text and picture/video messaging within the domestic provider, Koryolink.
A small group of others, including university students, scientists and some government officials, can access the state-run North Korean intranet, Kwangmyong, that links libraries, universities and government departments and comprises a limited number of domestic websites.
A much smaller group from the ruling elite does, however, have full access to the internet.  From April 1 through July 6, 2017, Recorded Future analyzed internet traffic from this small group of officials, and concluded that the standard view of North Korea is not entirely accurate: its leadership at least is not isolated from the rest of the world.
In a report and analysis conducted in partnership with Team Cymru and published today, Recorded Future notes that North Korean leadership's internet activity is little different to the rest of the world's internet activity: "North Koreans spend much of their time online checking social media accounts, searching the web, and browsing Amazon and Alibaba," notes the report.  "Facebook is the most widely used social networking site for North Koreans, despite reports that it, Twitter, YouTube, and a number of others were blocked by North Korean censors in April 2016."

Global company, global law?
Google Fights Against Canada's Order to Change Global Search Results
In June, Canada's Supreme Court came down on Google—hard.  It ruled that the tech giant must take down certain Google search results for pirated products.  And not just in Canada, but globally.  Now, Google is going south of the Canadian border to push back on this landmark court ruling.  The tech giant filed an injunction Monday with the US District Court for Northern California, arguing that globally removing the search results violates US law, and thus Google should not be forced to comply with the Canadian ruling.
Because the case had already made its way to the highest court in Canada, Google should not have been able to fight the ruling.  But Google is hoping to find a loophole on American soil by arguing this violates the First Amendment.
“We’re taking this court action to defend the legal principle that one country shouldn’t be able to decide what information people in other countries can access online,” says David Price, senior product counsel at Google.  “Undermining this core principle inevitably leads to a world where internet users are subject to the most restrictive content limitations from every country.”

Disrupting advertising?  Probably won’t win Facebook many friends.  Could Russia (or an agent) promote the “news” it prefers?
Paying To Promote News Stories On Facebook Is The Ad World’s Favorite New Tactic
When the workplace gossip app Blind expanded its product’s availability earlier this summer, it got the word out via an age-old tactic: advertising.  But instead of running a traditional ad campaign, the company took a route gaining favor among advertisers big and small: It paid Facebook to promote a favorable review of its service.
Blind spent thousands of dollars promoting a Mashable article headlined “Silicon Valley's secret app Blind opens the floodgates.”  The post drove more than 11,000 visits to its app download page, according to publicly available analytics.  The campaign worked out nicely for Blind — and for Facebook, a master at making money off of other people’s content.  But Mashable, which sells advertising to companies like Blind, didn’t see a dime.  Neither did any other traditional publisher.

Is “big” always “bad?”
In the 1980s and 1990s, Blockbuster modernized the movie rental business.  It offered far more movies than its smaller rivals, used computers to better manage that inventory, and designed its stores to be bright and family friendly.  By 1993, just eight years after its founding, Blockbuster was the global leader in movie rentals, with more than 3,400 stores worldwide.
Then Netflix happened.  Blockbuster went bankrupt in 2010.
Economist Luigi Zingales mentions the Blockbuster story in a recent paper as an example of how the economy ought to work.  A company has an innovative idea, which for a while provides competitive advantage.  Later on, a new innovator comes along and pushes it aside.
But Zingales fears that this isn’t happening as often as it should.  Instead, he argues, the U.S. economy may be succumbing to what he calls “the Medici cycle,” named for the powerful family of medieval Florence.  Their motto — or at least the motto often attributed to them — was “Money to get power. Power to protect money.”  And Zingales fears that a version of this motto aptly describes the true strategy of at least some of corporate America.
Zingales’s paper is the latest in a flurry of research and commentary on the rising concentration of corporate power in the U.S.

A slight exaggeration but I wonder why President Trump hasn’t claimed victory?
Now hiring every available human: Amazon posts 50,000 warehouse jobs in U.S.
   Of those postings, 10,000 are for part-time gigs, while the rest are for full-time positions. The roles span the duties required to “pick, pack, and ship customer orders” across its various warehouses, the company said.
Back in January, Amazon said it would increase its U.S. headcount over the next 18 months to 280,000 employees, an increase of around 55 percent.
   The company is hosting job fairs at 10 of its fulfillment centers on August 2 to give candidates a look inside, and it plans to make job offers to some candidates on the spot.

For my students, because I want recent articles, nothing more than two years back.  (200 Internet years)

Just in case you are wondering…
Check online for contaminants in your city's drinking water
You can learn what’s in your drinking water with a new database that allows you to type in your ZIP code and find out which contaminants are going along for the ride when you turn on the faucet.

Tuesday, July 25, 2017

I didn’t realize how big this was.
One in Ten U.S. Organizations Hit by WannaCry: Study
WannaCry stormed the world in mid-May by leveraging a previously patched exploit called EternalBlue, which hacker group Shadow Brokers allegedly stole from the NSA-linked Equation Group.  The ransomware mostly infected Windows 7 computers that hadn’t been patched in due time, and also revealed the destructive impact of a global outbreak.  NotPetya confirmed the risk in late June.
According to a survey (PDF) from software lifecycle automation solutions provider 1E, 86% of the organizations in the U.S. had to “divert significant resources” to safeguard themselves during the WannaCry attack.  Only 14% of the respondents revealed their organization was prepared for such an attack.
The study also shows that 86% of organizations don’t apply patches immediately after they are released, thus leaving endpoints and entire networks exposed to such attacks.  While 14% of respondents said they apply patches immediately, 36% apply them within one week after release, and 27% need up to a month for that, while 23% don’t apply patches within a month after release.

It’s the same with vampires.  You are only at risk when you invite them in. 
iRobot wants to sell Roomba-generated maps of your home
iRobot, creator of the Roomba, plans to sell the data the house-cleaning robot collects when it maps your house.  Potential buyers include smart home device manufacturers, such as Amazon, Apple and Google.
iRobot's business strategy hinges on regular updates [Because furniture moves, not walls.  Bob] and understanding the floor plan of your home, according to Reuters.
   Roombas have been mapping homes since 2015 using a camera and sensors or visual localisation and cloud-connected app control.  The Roomba uses these maps to avoid toppling over lamps and ramming into your furniture.  It was made compatible with Amazon's Alexa voice assistant in March.

Ubiquitous surveillance.  Is it possible to go unnoticed and unrecorded? 
Google snaps every search your phone makes – yes, even that one
Google’s latest update keeps a screenshot for later.  Much like how Google Maps remembers everywhere you’ve ever been so you can find your car, Google (the search engine app) keeps a snapshot history of what you’ve searched for in Google Search.  This search history does not make a significant impact on your smartphone’s data storage space as it’s all stored with Google on Google’s servers.

Did anyone check?  Were there any managers involved? 
Is this why United, TSA clashed on Twitter over comic books on planes?
Passengers flying with United Airlines, out of San Diego — site of the popular Comic-Con event this weekend — were greeted by a message telling them to remove books from their checked luggage.  United then responded on Twitter to a post with a picture of the message saying the requirement was set by the Transportation Security Administration.
Subsequently, the TSA sent out its own tweet noting that there are no restrictions on checking books, which a spokesperson confirmed to MarketWatch.

Fodder for conspiracy theories.
National Archives Begins Online Release of JFK Assassination Records
[At 8am on July 24, 2017] the National Archives released a group of documents (the first of several expected releases), along with 17 audio files, previously withheld in accordance with the JFK Assassination Records Collection Act of 1992.  The materials released today are available online only.  Access to the original paper records will occur at a future date.  Download the files online:
Highlights of this release include 17 audio files of interviews of Yuri Nosenko, a KGB officer who defected to the United States in January 1964.  Nosenko claimed to have been the officer in charge of the KGB file on Lee Harvey Oswald during Oswald’s time in the Soviet Union.  The interviews were conducted in January, February, and July of 1964.
This set of 3,810 documents is the first to be processed for release, and includes FBI and CIA records—441 documents previously withheld in full and 3,369 documents previously released with portions redacted.  In some cases, only the previously redacted pages of documents will be released.  The previously released portions of the file can be requested and viewed in person at the National Archives at College Park (these records are not online).
The re-review of these documents was undertaken in accordance with the John F. Kennedy Assassination Records Collection Act of 1992, which states: “Each assassination record shall be publicly disclosed in full, and available in the Collection no later than the date that is 25 years after the date of enactment of this Act, unless the President certifies, as required by this Act, that continued postponement is made necessary” by specific identifiable harm.  The act mandated that all assassination-related material be housed in a single collection in the National Archives and defined five categories of information that could be withheld from release.  The act also established the Assassination Records Review Board to weigh agency decisions to postpone the release of records.
The National Archives established the John F. Kennedy Assassination Records Collection in November 1992, and it consists of approximately five million pages of records.  The vast majority of the collection (88 percent) has been open in full and released to the public since the late 1990s.  The records at issue are documents previously identified as assassination records but withheld in part or in full.  Federal agencies have been re-reviewing their previously withheld records for release, and will appeal to the President if they determine that records require further postponement.  Online resources:

For the toolkit.