Perhaps Georgia wants to use that vulnerability?
AP reports:
Lying about your weight on an online dating site? Checking out who won the Falcons game from your work computer? Using your computer hacking knowledge as an “ethical hacker?” Those actions may become illegal if a Georgia bill gets voted into law, civil liberty advocates say.
Supporters of a bill making its way through the state legislature say it’s designed to give law enforcement the ability to prosecute “online snoopers” — hackers who break into a computer system but don’t disrupt or steal data. The legislation came in response to a recent data breach at a Georgia university in which unauthorized cybersecurity experts noticed the vulnerability of Georgia’s voting records.
Read more on Times Free Press.
Local interest.
Kirk Mitchell reports:
Russian computer hackers operating in Colorado and 15 other states used data-mining viruses to steal thousands of credit card numbers from U.S. residents in 20 states and sold them on the darknet for more than $3.6 million, according to federal court documents.
As part of the wide-scale criminal operation, so-called “carders” from Russia advertised and sold the numbers to Ukrainian operatives using the Rescator network of websites — named for a Ukrainian hacker who specializes in the sale of stolen credit cards.
Read more on The Denver Post.
For my Ethical Hacking students: It’s where the money is!
Feds No Longer Need Apple Consent To Crack Nearly Any iPhone Thanks To Cellebrite iOS 11 Exploit
Cellebrite, an Israeli company known for selling solutions to law enforcement agencies around the globe to unlock smartphones, is back in the news again. This time around, the company is touting a new solution that would make it possible to crack just about any device that is currently running Apple's iOS 11 operating system.
To understand why this announcement is so pivotal, we must rewind to just over two years ago. Following the San Bernardino terrorist attack that left 14 people dead in late 2015, Apple and the U.S. Department of Justice got into a war of words about device encryption and backdoor software access, bringing the subject to a mainstream audience. Law enforcement officials – led primarily by the FBI – argued that they needed access to one of the perpetrators' iPhones for national security reasons. Apple argued that providing backdoor access to the FBI or other agencies could lead to a reduction in security for all of its customers and stood its ground.
In the end, the FBI ended up gaining access to the iPhone 5c thanks to software [reportedly] made by Cellebrite. Now, Cellebrite's ability to crack encryption on iPhones extends to all current hardware capable of running iOS 11 including the iPhone X. According to sources for Forbes, the latest hack to circumvent Apple security was perfected over the past few months and is being shopped around to Cellebrite's usual law enforcement clientele.
Cellebrite describes its services, writing, "These new capabilities enable forensic practitioners to retrieve the full file system to recover downloaded emails, third-party application data, geolocation data and system logs, without needing to jailbreak or root the device."
… We should note that Android devices aren't
immune from Cellebrite's tentacles either, as it can access data
on "Samsung Galaxy and Galaxy Note devices; and other popular
devices from Alcatel, Google Nexus, HTC, Huawei, LG, Motorola, ZTE,
and more."
“The best laid schemes o' mice an' men / Gang aft a-gley.” What about failure to plan?
USPS Finally Starts Notifying You by Mail If Someone is Scanning Your Snail Mail Online
In October 2017, KrebsOnSecurity warned that ne’er-do-wells could take advantage of a relatively new service offered by the U.S. Postal Service that provides scanned images of all incoming mail before it is slated to arrive at its destination address. We advised that stalkers or scammers could abuse this service by signing up as anyone in the household, because the USPS wasn’t at that point set up to use its own unique communication system — the U.S. mail — to alert residents when someone had signed up to receive these scanned images.
The USPS recently told this publication that beginning Feb. 16 it started alerting all households by mail whenever anyone signs up to receive these scanned notifications of mail delivered to that address. The notification program, dubbed “Informed Delivery,” includes a scan of the front of each envelope destined for a specific address each day.
Perhaps a method to identify potential school
shooters?
Your digital footprint — how often you post on
social media, how quickly you scroll through your contacts, how
frequently you check your phone late at night — could hold clues to
your physical and mental health.
That at least is the theory behind an emerging
field, digital phenotyping, that is trying to assess people’s
well-being based on their interactions with digital devices.
Researchers and technology companies are tracking users’ social media posts, calls,
scrolls and clicks in search of behavior changes that could correlate
with disease symptoms. Some of these services are opt-in. At least
one is not.
(Related) At least Dilbert keeps up.
Interesting stats?
Law and reputation firms generate 21% of Right to Be Forgotten delistings, says Google
Google says that there are “tens of thousands” of Right to Be Forgotten (RTBF) requests filed each month in Europe. In a new blog post, the company explains that it’s updating its “Transparency Report,” which details RTBF requests, to include new categories of information.
In addition to reporting aggregate data on
requests, their countries of origin and percentages granted, Google
says it will now reveal:
- The type of individual/entity making the request: private vs. non-private (government entity, corporations, NGOs)
- What sort of content is associated with the request: personal information, professional information, criminal activity
- Whether the site on which the link appears is a directory site, news site, social media or other.
- Delisting rate by content category
Google is simultaneously releasing a
report that provides more depth and detail on the nature of
delisting requests, summarizing three years of data since RTBF first
came into being in May 2014. The high-level findings are provided in
an infographic in the blog post.
In the report, Google says there are “two
dominant intents for RTBF delisting requests.” Roughly a third (33
percent) of requests are related to personal information on social
media and directory sites. Another 20 percent relate to news and
government websites that contain “a requester’s legal history.”
The rest are diverse and span a range of content types and
objectives.
… One of the more interesting disclosures in
the report is that there is a category of high-volume RTBF
requesters. Google reports that the top 1000 requesters “generated
14.6 percent of requests and 20.8 percent of delistings. These
mostly included law firms and reputation management agencies, as well
as some requesters with a sizable online presence.”
For my Data Management students. Apparently,
Online is cheaper than creating and storing CDs.
Public broadcaster music library closing, CDs to be digitised, destroyed
Radio Canada International: “Canada’s public broadcaster CBC
(English) and Radio-Canada (French) is going through massive changes.
The sprawling headquarters of the Radio-Canada network in Montreal
have been sold, and the organisation will move to new and much
smaller rented quarters being built on one of the former parking
lots. With huge funding cuts from the government and increasing
costs, this has meant equally massive staff and production cuts.
Rapidly developing technological developments are also driving the
changes. The broadcaster with stations across the country has, over
the decades, amassed a vast collection of recorded music and other
artefacts… The main French-language production centre of
Radio-Canada in Montreal has also been digitising its collection.
However, recently it was revealed that most of the collection of over
200,000 CDs will be destroyed when the process is completed in 2019
and prior to the move to new quarters in 2020. The destroyed
materials apparently will be recycled…”
When Social Media turns anti-social?
Meet Vero: Why a billionaire's Instagram alternative is suddenly so popular
Instagram haters are jumping on a new social media bandwagon.
Vero, a photo-sharing app that launched in 2015,
is the latest app to benefit from ongoing frustration with
Instagram's hated algorithm.
A week ago, the app was ranked so low it didn't even appear in the App Store's
top 1,500 apps; today it's the most popular app in the entire App
Store. It's gotten so popular that the app's servers have been
overloaded, with many users unable to post or even sign up for an
account.
… So how does it make money?
The short answer is that it doesn't — at least,
not yet. Because there are no ads on the platform, Vero says it will
eventually rely on user subscriptions for the bulk of its revenue.
… And while it's not clear what has prompted Vero's sudden surge, it appears to be at least partly due to frustrations with Instagram's algorithm, which has been bubbling up for months.
Instagrammers have been upset over the app's
algorithm since it rolled out last year. But, unlike other changes,
which people have gotten used to over time, frustration seems to have
only intensified over time.
Now, Instagram users are promoting their Vero
accounts to followers. There are currently more than 500,000
Instagram posts tagged as #Vero, the majority of which are users
posting screenshots of their profiles and asking followers to join
them on the app.
Perspective. Back in my day, it was "Duck
and cover" and we couldn’t shoot back. Perhaps training
on how to recognize mental illness would be more valuable?
This is America: 9 out of 10 public schools now hold mass shooting drills for students
Read this and weep – and then get busy – please: How “active shooter”
drills became normal for a generation of
American schoolchildren. “… Since Columbine, 32 states have
passed laws requiring schools to conduct lockdown drills to keep
students safe from intruders. Some states went even further after 20
children died in Newtown, Connecticut, in 2012. Now, six
states require specific “active shooter” drills each year.
That means the training must be specifically tailored to respond to
an armed gunman out to kill. There is no consensus on what these
drills should look like, but several states, including Missouri,
require shooting simulations with police officers…”
For my geeks…
Google’s Flutter app SDK for iOS and Android is now in beta
Flutter is Google’s open source toolkit for helping developers build iOS
and Android apps. It’s not necessarily a household name yet, but
it’s also less than a year old and, to some degree, it’s going up
against frameworks like Facebook’s popular React Native. Google’s
framework, which is heavily focused around the company’s Dart
programming language, was first announced at Google’s I/O
developer conference last year.