Monday, April 23, 2018

This could work with any nationality if scammers can tell visitors from citizens. I wonder if it works in other countries?
Don’t give money to the “Chinese Consulate,” FTC says in scam-busting report
Scammers are using a combination of phishing techniques and social engineering to trick people with Chinese last names into handing over their personal information and even make direct payments to the scammer.
The scheme isn’t new, with reports going back as early as 2015 when the Federal Communications Commission (FCC) told phone carriers to start using robocall-blocking services.
Now the Federal Trade Commission has had it too. A statement by the FTC said it has recently recorded a surge in complaints from customers claiming that scammers are purporting to call from the Chinese Consulate asking them for personal information and even cash.

Do many people still use Internet Explorer?
Internet Explorer zero-day alert: Attackers hitting unpatched bug in Microsoft browser
A well-resourced hacking group is using a previously unknown and unpatched bug in Internet Explorer (IE) to infect Windows PCs with malware.
… According to the firm, the vulnerability affects the latest versions of IE and other applications that use the browser.

National Health Systems are large targets.
Sue Dunleavy reports:
The sensitive health data of Australians is subject to a data breach every two days and the organisations and governments that fail to protect it are facing no financial penalties.
As outrage builds over Facebook’s failure to protect privacy, a News Corp investigation has uncovered health data that shows if Australians have a sexually transmitted disease, mental illness, HIV or an abortion, even whether they’ve used a prostitute, is not properly protected.
A new mandatory notification scheme that requires businesses to report to the Office of the Australian Information Commissioner when there is a data breach shows in the first 37 days of the new regime a data breach occurred every two days in the health sector.
Read more on Daily Telegraph

Cities with inadequate backups are also easy targets.
City of Atlanta Ransomware Attack Proves Disastrously Expensive
City of Atlanta Ransomware Attack Showcases Ethical Problem in Whether to Pay a Ransom or Not
Over the course of the last week, it has become apparent that the City of Atlanta, Georgia, has paid out nearly $3 million dollars in contracts to help its recovery from a ransomware attack on March 22, 2018 – which (at the time of writing) is still without resolution.
Precise details on the Atlanta contracts are confused and confusing – but two consistent elements are that SecureWorks is being paid $650,000 for emergency incident response services, and Ernst & Young is being paid $600,000 for advisory services for cyber incident response. The total for all the contracts appears to total roughly $2.7 million. The eventual cost will likely be more, since it doesn't include lost staff productivity nor the billings of a law firm reportedly charging Atlanta $485 per hour for partners, and $300 per hour for associates. The ransom demand was for around $51,000.
Also worth considering is the SamSam attack on Hancock Health reported in January this year. Hancock chose to pay a ransom of around $55,000, and recovered its systems within a few days. It later admitted that it would not have been able to recover from backups since the attackers – which sound like the Gold Lowell group – had previously compromised them.

Is it possible that this is a rogue AI?
Some Gmail Users Are Getting Spam Apparently Sent By Themselves
It's bad enough that several Gmail accounts are reporting unexplained spam in their inbox, but what's worse is they're apparently sent by themselves, even though most of the accounts employ hard-to-crack two-factor authentication.
Google's spam filtering technology is typically excellent at separating legitimate emails from spam, which makes the incident an odd aberration from Gmail's otherwise sterling security protections. However, a spam variant was successful at bypassing those protections, possibly by making it seem as if the spam recipient is also the sender.

More thoughts on Facebook.
Facebook in the Spotlight: Dataism vs. Privacy
JURIST Guest Columnist Chris Hoofnagle of Berkeley Law, discusses the policing of Facebook’s privacy policies and FTC enforcement: “Are our institutions up to the challenge of protecting users from information-age problems? This is the high-level question emerging from the Facebook-Cambridge Analytica debate. While on one hand Facebook and similarly-situated companies will pay some regulatory price, our public institutions are also in the crosshairs. In the U.S., the much-praised and admired Federal Trade Commission (“FTC”) approach is suffering a crisis of legitimacy. Facebook’s European regulator, the Irish data protection commissioner, is losing both control over its supervision of American companies and the respect of its regulatory colleagues. In a recent press release, the Article 29 Working Party announced that it was creating a working group focusing on social media, never mentioning the Irish in its statement. In this essay I explain the challenges the FTC faces in enforcing its 2012 consent agreement against Facebook and suggest ways it could nonetheless prevail. In the long run, everyone wins if our civil society institutions can police Facebook, including the company itself. While Facebook’s privacy problems have long been dismissed as harmless, advertising-related controversies, all now understand Facebook’s power over our broader information environment. After Brexit, the 2016 U.S. election, and violence in Myanmar, if consumer law fails, we risk turning to more heavy-handed regulatory tools, including cyber sovereignty approaches, with attendant consequences for civil society and internet freedom…”

Perhaps a wax (resin, whatever) mold of the finger/thumb prints should be mandatory?
Florida Detectives Tried Using Dead Man’s Finger to Unlock Cellphone
A pair of Florida detectives visited a funeral home last month in an attempt to unlock a cellphone belonging to a deceased man by using his fingerprint.
… They gained access to the corpse and held his fingerprint to the phone’s sensor but, according to the Tampa Bay Times, which first reported the case, the move was ultimately unsuccessful. Largo police lieutenant Randall Chaney said that the two detectives needed access in order to preserve data stored on the handset that was potentially tied to a separate drug inquiry involving the deceased suspect.
Chaney told the Tampa Bay Times there is typically a 48 to 72-hour period to open a cellphone that has been locked using a fingerprint. While Largo police officers got the device back within that period, Phillip’s body had already been transferred from state custody to the funeral home. Detectives believed a warrant was not needed because the suspect had little expectation of privacy, Chaney added.

Florida police failed to unlock phone using a dead man's finger — but corpses may still help in hacking handsets
… Though it's not clear what brand of phone Phillip owned, Engadget years ago concluded that a finger from a corpse would not unlock an iPhone.
The Touch ID system uses two methods to sense and identify a fingerprint, capacitive and radio frequency. "A capacitive sensor is activated by the slight electrical charge running through your skin," wrote Engadget in 2013. "We all have a small amount of electrical current running through our bodies, and capacitive technology utilizes that to sense touch."
And the radio frequency waves in an iPhone sensor would also not open unless living tissue was present.

Should we all have this App?
This app maker says his work saved thousands during Hurricane Harvey — and he’s not done yet
… His idea was to create an application where a family in distress could quickly submit a call for help containing their location and information, which would instantly appear on a map. A responder could pull the location in order to execute the rescue. Once the family was safe, the information would be taken down so rescuers could focus on those still in need.
… At least 25,000 people were rescued in Houston using the app, Marchetti says.
… The service — now known as CrowdSource Rescue (CSR) — was meant to fill the deficit of public services during a time of immense, dizzying catastrophe. CSR reduced the redundancy created by reposting and sharing across multiple platforms. It crowdsourced every part of the operation: posting, dispatching, rescuing, and updating. It allowed Houstonians and outside volunteer organizations such as the Cajun Navy to work hand in hand with public officials.

Perspective. Well, perhaps Texas has a different perspective.
Emma Platoff reports:
An appeals court has struck down Texas’ “revenge porn” law, ruling that the statute is overly broad and violates the First Amendment.
The 2015 state law targets what author state Sen. Sylvia Garcia, D-Houston, called “a very disturbing internet trend” of posting a previous partner’s nude or semi-nude photos to the web without the partner’s permission, often with identifying information attached. Inspired in part by the testimony of Hollie Toups, a Southeast woman whose intimate photos were posted online, the law made posting private, intimate photos a misdemeanor, carrying a charge of up to a year in jail as well as a $4,000 fine.
Read more on Texas Tribune.

The future of e-commerce in India increasingly looks like an all-American affair
India’s technology industry is bracing itself for the next era of e-commerce warfare, which looks set to be waged and bankrolled by two gigantic corporations located halfway across the world: Amazon and Walmart.
Amazon is already deeply committed to the country, where it has pledged to deploy over $5 billion to grow its business, and now U.S. rival Walmart is said to be inching closer to a deal to buy Flipkart.
Bloomberg reports that Walmart is poised to acquire 60-80 percent of the company for $12 billion.

(Related) Is that why Amazon didn’t complete their bid for Flipkart?
Amazon expects groceries to account for over half of India business in the next 5 years
… Amit Agarwal, the India head of Amazon, said in an interview on Friday that groceries and goods such as creams, soaps and cleaning products, were already the largest product category on Amazon in terms of number of units sold in India.
“I would not speculate on when we would launch AmazonFresh but, absolutely, if you ask me the next five years of vision – from your avocados to your potatoes, and your meat to your ice cream – we’ll deliver everything to you in two hours,” he said.

For my History nerds.
Papers of Benjamin Franklin Now Online
“The papers of American scientist, statesman and diplomat Benjamin Franklin have been digitized and are now available online for the first time from the Library of Congress. The Library announced the digitization in remembrance of the anniversary of Franklin’s death on April 17, 1790. The Franklin papers consist of approximately 8,000 items mostly dating from the 1770s and 1780s. These include the petition that the First Continental Congress sent to Franklin, then a colonial diplomat in London, to deliver to King George III; letterbooks Franklin kept as he negotiated the Treaty of Paris that ended the Revolutionary War; drafts of the treaty; notes documenting his scientific observations, and correspondence with fellow scientists. The collection is online at:”

Looks like it might be useful for topics you are not already familiar with.
Peekier – privacy-oriented search engine
Peekier (pronounced /’pi·ki·er/) is a new way to search the web. Peek through search results fast and securely on a search engine that respects your privacy. Faster information discovery – Peekier shows you a website preview of the search results. Clicking on a result will maximize the preview and allow you to scroll through the website. You can then decide if the information displayed on the website interests you or not before clicking on the link. Here is what a normal search engine looks like on a widescreen monitor: 2/3rds of the screen real estate remain unused. Peekier utilizes 100% of your monitor, giving you all the information you need to know before you visit a website. This is the way searching will be done in the future.
… websites are loaded on our servers and we only send the rendered image to your browser, we deal with malware and other threats while protecting your privacy and providing a safe and secure experience while you stay on our website. You can still choose to visit a website that interests you―the choice is yours. Strict privacy policy – We take your privacy very seriously. We’re pretty sure we’re the search engine with the most privacy oriented features in the world. Peekier does not log your personal info or track you throughout your browsing sessions. For more information on how we protect your privacy click here…”

In all the ruckus about the ban on torrent sites, we forget that there are many more legal uses for torrents than illegal ones.
Still not convinced?
