Tuesday, April 24, 2018
Why are old, crash prone operating systems still in use?
Hackers Go After X-Ray, MRI Machines for Corporate Espionage
Fortunately, sabotage and patient data collection doesn't appear to be a motive behind the hacking. The attackers were probably focused on corporate espionage and studying how the medical software onboard the computers worked, the security firm Symantec said on Monday.
Over the past three years, the hacking group Orangeworm has been secretly delivering the Windows-based malware to about 100 different organizations, said Jon DiMaggio, a security researcher at Symantec. The biggest number of victims, at 17 percent, have been based in the US.
The hackers have been particularly interested in legacy Windows 95 systems, which can end up controlling the X-ray and MRI machines, he said. The malware used was capable of taking remote control over a computer, and spreading itself over a network.
I’m shocked, shocked I tell you! Where is Captain Obvious when the CIA needs him?
CIA agents in 'about 30 countries' being tracked by technology, top official says
CIA officers working overseas used to expect to be followed after hours by adversarial spies hoping to find their sources.
But now, foreign spies often don't need to bother because technology can do it for them, said Dawn Meyerriecks, deputy director of the CIA's science and technology division.
Digital surveillance, including closed-circuit television and wireless infrastructure, in about 30 countries is so good that physical tracking is no longer necessary, Meyerriecks told the audience at an intelligence conference in Tampa, Florida, on Sunday.
… But the CIA is spying back, she said. As of six months ago, the agency has been pursuing nearly 140 artificial intelligence projects.
In one, a small team "took a bunch of unclassified overhead and street view" and paired it with machine learning and artificial intelligence algorithms to create "a map of cameras in one of the big capitals that we don't have easy access to," Meyerriecks said.
That way, agents can try to figure out where they are being surveilled and how they might evade the camera eye.
Just in case someone does not take my Computer Security class.
Five myths about internet privacy where nothing is what is seems to be
You have precious little privacy on the web – whether you are browsing, using Facebook or Gmail, public WiFi, disk cleaning applications, or using the same “strong” passwords on multiple sites. USAToday reports – Many of us think we’re taking the right precautions, when in fact we’re putting our info at risk. The following are five such misconceptions, the truth behind them, and what to do about it…”
Interesting arguments? Here or nowhere?
Alexander Berengaut writes:
Last summer, Marcus Hutchins, the security researcher who stopped the “WannaCry” malware attack, was arrested and charged for his role in allegedly creating and conspiring to sell a different piece of malware, known as Kronos. As we have previously discussed on this blog, however, the indictment was notable for its lack of allegations connecting Hutchins to the United States, which raises constitutional due process issues, and Hutchins subsequently moved to dismiss the indictment on this basis.
The government has now responded to Hutchins’ motion. It makes two main arguments. First, the government maintains—as a factual matter—that the allegations in the indictment do allege a sufficient nexus between Hutchins and the United States. Second, the government argues, as a legal matter, that if Hutchins’ indictment is defective because it fails to allege conduct specifically directed at the United States, then there is no country on Earth where Hutchins could be prosecuted. Both arguments appear to fall short.
Read more on Covington & Burling
Another legal conflict?
Clear Scope for Conflict Between Privacy Laws
The Clarifying Lawful Overseas Use of Data Act, or CLOUD Act, was enacted into U.S. federal law on March 23, 2018. It had been attached, at page 2212 of 2232 pages, to the omnibus spending bill, and allows law enforcement to demand access to data of concern wherever in the world that data is stored.
The General Data Protection Regulation, or GDPR, becomes European Law on May 25, 2018. It restricts companies that operate in Europe or process EU citizen data from transferring that data to third parties.
On the surface, there is clear scope for conflict between these two laws; but as always, it is more complex than that. The two key elements are, for CLOUD, section 2713; and for GDPR, article 48.
Section 2713 reads, "A provider of electronic communication service or remote computing service shall comply with the obligations of this chapter to preserve, backup, or disclose the contents of a wire of electronic communication and any record or other information relating to a customer or subscriber within such provider’s possession, custody, or control, regardless of whether such communication, record, or other information is located within or outside the United States."
Article 48 of GDPR states, "Any judgment of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor to transfer or disclose personal data may only be recognised or enforceable in any manner if based on an international agreement, such as a mutual legal assistance treaty, in force between the requesting third country and the Union or a Member State, without prejudice to other grounds for transfer pursuant to this Chapter."
It gets complicated because CLOUD specifically allows for 'international agreements', but not mutual legal assistance treaties (MLATs), which it does not mention at all. Indeed, the U.S. government has always complained that MLATs are too complex and slow to be of any value to a fast-moving investigation.
Trying to keep up.
Lawmakers grill academic at heart of Facebook scandal
… Cambridge University researcher Aleksandr Kogan told "60 Minutes" he was "sincerely sorry" about the way he and "tens of thousands" of other app developers took advantage of what he said was Facebook's lax data policy enforcement, but he doesn't think he really did anything wrong.
On Tuesday, he told members of the British Parliament that Cambridge Analytica's suspended CEO, Alexander Nix, had blatantly lied to them during his testimony on the relationship between that company and his own.
Facebook reveals 25 pages of takedown rules for hate speech and more
Facebook has never before made public the guidelines its moderators use to decide whether to remove violence, spam, harassment, self-harm, terrorism, intellectual property theft, and hate speech from social network until now. The company hoped to avoid making it easy to game these rules, but that worry has been overridden by the public’s constant calls for clarity and protests about its decisions. Today Facebook published 25 pages of detailed criteria and examples for what is and isn’t allowed.
Compare & contrast.
YouTube Took Down Over 8 Million Videos In 3 Months, And Machines Did Most Of The Work
Google-owned YouTube took down 8.3 million videos in the last three months of 2017, with machines doing most of the work in cleaning up the video-sharing platform.
The announcement comes alongside the launch of the Reporting History dashboard, which will allow YouTube users to see the status of videos that they have flagged.
What happens if you don’t want Amazon opening your front door?
Introducing In-Car Delivery
As a Prime member, get your Amazon packages securely delivered right into your vehicle parked at home, at work or near other locations in your address book. Park your vehicle in a publicly accessible area to receive in-car deliveries, and track your packages with real-time notifications. FREE for Prime members in select cities and surrounding areas with supported vehicles. Check your eligibility, or download the Amazon Key App to get started.
Amazon Key In-Car Delivery supports most 2015 model year or newer Chevrolet, Buick, GMC, Cadillac, and Volvo vehicles with an active connected car service plan such as OnStar or Volvo On Call. Stay tuned for future partner announcements.
Strangely enough, I’m in agreement.
Surprise! Monkeys can't sue for copyright, not even for 'monkey selfies.' Here's why.
As bananas as it sounds, the Ninth U.S. Court of Appeals ruled on Monday that monkeys do not have the right to sue for copyright infringement as argued in the case of a monkey whose selfie went viral around the world.
… After the image went viral, the site Wikimedia Commons — which is the media repository for Wikipedia — uploaded the image as an image in the public domain. It argued that “because as the work of a non-human animal, it has no human author in whom copyright is vested.”
… PETA used a rule called “next friend” that allowed the organization to sue on behalf of an animal. For a while, it wasn’t even clear that PETA was representing the right monkey. PETA argued that animals are so intelligent that they are capable of holding legal ownership of intellectual property.
Still, the case continued and in 2016 a federal judge ruled that a monkey cannot own copyright. The next year, PETA settled the suit with Slater but the Ninth Circuit refused to let either side drop the case.
And on Monday, the Ninth Circuit delivered a conclusive blow to one of the most-talked about copyright cases in modern times, and one that generated a wide range of reactions given its implications about the work of non-humans, including artificially intelligent machines.
Why does this sound like Hillary Clinton? It’s going to be difficult to plead ignorance after comments he made during the campaign.
Trump ramps up personal cell phone use
President Donald Trump is increasingly relying on his personal cell phone to contact outside advisers, multiple sources inside and outside the White House told CNN, as Trump returns to the free-wheeling mode of operation that characterized the earliest days of his administration.
… Sources cited Trump's stepped-up cell phone use as an example of chief of staff John Kelly's waning influence over who gets access to the President.
… While Trump never entirely gave up his personal cell phone once Kelly came aboard, one source close to the White House speculated that the President is ramping up the use of his personal device recently in part because "he doesn't want Kelly to know who he's talking to."
A toolkit for my Android using students.
The best privacy and security apps for Android
Table of Contents
For all that data I’ve been trying to explain.
Creating Data Visualizations Without Knowing How to Code
Center for Data Innovation: “A research collaboration between Adobe and Georgia Tech has published a free data visualization tool called Data Illustrator that allows users to create visualizations in a graphical interface without having to know how to code. Additionally, Dutch data visualization firm Vizualism has published a tutorial for Data Illustrator to walk users through how to create a visualization using data about life expectancy in Dutch cities.”
Storyline JS - Turn Your Spreadsheets Into Stories
In yesterday's Practical Ed Tech Tip of the Week I featured the storytelling tools produced by Knight Lab at Northwestern University. One of those tools is called Storyline JS. Storyline JS lets you create an interactive, annotated line chart. The purpose of Storyline JS is to enable you to add detailed annotations to the data points displayed on your line charts. Watch my video below to see how to create an annotated line chart with Storyline JS.
Storyline JS could be a great tool for students to use to demonstrate their understanding of what the data in a line chart actually means. Similarly, using Storyline JS could be a good way for students to explain the causes for changes in the data displayed in their line charts.