Thursday, January 25, 2018

Arming my students.

For my Computer Security students debating how to secure self-driving cars. What is fixed, what changes?
Why Tesla's Autopilot Can't See a Stopped Firetruck
… “Traffic-Aware Cruise Control cannot detect all objects and may not brake/decelerate for stationary vehicles, especially in situations when you are driving over 50 mph (80 km/h) and a vehicle you are following moves out of your driving path and a stationary vehicle or object is in front of you instead.”

(Related) Suggesting that self-driving cars are being given the ‘fast track’ to approval?
2 Federal Agencies Send Teams to Probe Tesla Freeway Crash
Two federal agencies have dispatched teams to investigate the California crash of a Tesla Model S electric car that may have been operating under its semi-autonomous "Autopilot" system.
It's the second time the National Transportation Safety Board and the National Highway Traffic Safety Administration have investigated the performance of Autopilot, which keeps a vehicle centered in its lane at a set distance from cars in front of it and also can change lanes and brake automatically.
The safety board sent two investigators to Culver City on Tuesday, according to spokesman Peter Knudson, while NHTSA confirmed Wednesday that it is also dispatching a special team "to investigate the crash and assess lessons learned."

Another area of discussion for my Computer Security students.
Compromised Credentials: The Primary Point of Attack for Data Breaches
Recent headlines of Russia-linked hackers harvesting access credentials to infiltrate the U.S. Senate and stage lateral attacks illustrate a common tactic used by cyber criminals and state-sponsored attackers. According to the Verizon 2017 Data Breach Investigation Report, a whopping 81% of hacking-related breaches leverage either stolen, default, or weak passwords. So why are so many organizations still focusing on securing the network perimeter, instead of rethinking their core defenses by maturing their identity and access management strategies to secure applications, devices, data, and infrastructure — both on-premises and in the cloud.
The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even worse if a stolen identity belongs to a privileged user, who has even broader access, and therefore provides the intruder with “the keys to the kingdom”. By leveraging a “trusted” identity a hacker can operate undetected and exfiltrate sensitive data sets without raising any red flags. As a result, it’s not surprising that most of today’s cyber-attacks are front-ended by credential harvesting campaigns. Common methods for harvesting credentials include the use of password sniffers, phishing campaigns, or malware attacks.
To address these problems, organizations should consider the following best practices for identity and access management that fall into four levels of maturity: ‘Good’, ‘Better’, and ‘Great’ to ‘Optimal’:

A resource to watch?
World Economic Forum Announces Global Centre for Cybersecurity
The World Economic Forum (WEF) is establishing a new Global Centre for Cybersecurity "to help build a safe and secure global cyberspace."
This was announced at the 48th Annual Meeting currently taking place in Davos-Klosters, Switzerland. This year's WEF theme is Creating a Shared Future in a Fractured World. WEF's annual Global Risk Report for 2018 shows cyberattacks are now considered the third most serious global threat behind only extreme weather and natural disasters. Data fraud/theft is fourth.

For my Data Management students.
Big Data Trends
Big data is no longer just a buzzword. Researchers at Forrester have "found that, in 2016, almost 40 percent of firms are implementing and expanding big data technology adoption. Another 30 percent are planning to adopt big data in the next 12 months." Similarly, the Big Data Executive Survey 2016 from NewVantage Partners found that 62.5 percent of firms now have at least one big data project in production, and only 5.4 percent of organizations have no big data initiatives planned or underway.
… the following trends are clearly shaping Big Data going forward.

A survey of my students seems in order: will you trust Apple with your health data?
Romain Dillet reports:
Apple announced a new health effort as part of iOS 11.3. The new Health Records section in the Health app lets you gather and view all your medical records. The company is partnering with hospitals and clinics.
Apple released the first beta version of iOS 11.3 today. While the new version of iOS is going to remain in beta testing for a couple of months, it should be available as a free download to all iPhone users pretty soon.
Read more on TechCrunch.

Something to tease my lawyer friend with? (Nothing there yet)
Blockchain Law Class
“This is an applied course designed to introduce students to the emerging social, economic and legal issues associated with blockchain and crypto-enabled technologies. The course is a survey designed for students with little or no prior experience with these technologies. The course is divided into three modules: (1) an introduction to blockchain and crypto technologies; (2) applications of the technologies; and (3) the law applicable to the technologies. Still in beta – we will be adding much more to this page in the coming months!”

Perhaps we should form an Association of Independent Broadband Communities?
750+ American Communities Have Built Their Own Internet Networks
MotherBoard – A new map shows that more communities than ever are building their own broadband networks to end big telecom’s monopoly: “More communities than ever are embracing building their own broadband networks as an alternative to the Comcast status quo. According to a freshly updated map of community-owned networks, more than 750 communities across the United States have embraced operating their own broadband network, are served by local rural electric cooperatives, or have made at least some portion of a local fiber network publicly available. The map was created by the Institute for Local Self-Reliance, a nonprofit that advocates for local economies. These networks have sprung up across the nation as a direct reflection of the country’s growing frustration with sub-par broadband speeds, high prices, and poor customer service. They’ve also emerged despite the fact that ISP lobbyists have convinced more than 20 states to pass protectionist laws hampering local efforts to build such regional networks…”

Another vast collection of resources.
New on LLRX – Business Intelligence Online Resources 2018
Via LLRXBusiness Intelligence Online Resources 2018 – This guide by Marcus Zillman focuses on selected free and fee based resources published by a range of reliable sources that researchers can use for tracking, monitoring and sector research discovery purposes, as well as on tools and techniques to leverage in their business intelligence work.

You Want Fries With That? Burger King Explains Net Neutrality In Less Than 3 Minutes.
Net neutrality is abstract for most people but put it in these terms and it becomes clearer: $26 for a Whopper that you get immediately versus $4.95 for a Whopper that you get in 20 minutes. Got it?

Not so brilliant?
Why breaking up Amazon, Google, Apple, and Facebook could save capitalism
… “We don’t break these guys up because they are evil,” he added. “That’s bullshit. They are no less or more evil than us. We don’t break them up because they avoid taxes. It’s our job to hold them accountable. We don’t break them up because they destroy jobs … We break these guys ups up because we are capitalists and it is time.

No comments: