Friday, May 25, 2018

A notice from Google this morning (emphasis is mine) as I write my Blog.
European Union laws require you to give European Union visitors information about cookies used and data collected on your blog. In many cases, these laws also require you to obtain consent.
As a courtesy, we have added a notice on your blog to explain Google's use of certain Blogger and Google cookies, including use of Google Analytics and AdSense cookies, and other data collected by Google.
You are responsible for confirming this notice actually works for your blog, and that it displays. If you employ other cookies, for example by adding third party features, this notice may not work for you. If you include functionality from other providers there may be extra information collected from your users.
Learn more about this notice and your responsibilities.

New regulation, new basis for lawsuits. How many additional lawyers/firms were added just for this?
Activists Are Already Targeting Google and Facebook Over Europe's New Data Privacy Law That Went Live Today
Europe’s sweeping new data privacy regime came into effect this morning, and privacy activists are not wasting time in flexing their muscles. One organization has already made official data protection complaints about Google, Facebook, WhatsApp and Instagram, while another is going after the shadowy data brokers that trade people’s information behind the scenes.
The complaints about Google, Facebook and Facebook’s subsidiaries come from a group called None Of Your Business (NOYB)—a non-profit founded by the very successful serial Facebook litigant Max Schrems. Schrems, the Austrian lawyer who annihilated the U.S.-EU Safe Harbor data-sharing agreement a few years ago, formed the crowdfunded NOYB in order to take on big tech firms that break the EU’s new General Data Protection Regulation (GDPR.)

What starts as digital may not remain digital.
UK Warns That Aggressive Cyberattack Could Trigger Kinetic Response
UK Says it Doesn't Need to Demonstrate Attribution Before Engaging Cyber Retaliation
The scene was set last week when Air Marshall Phil Collins (Chief of Defence Intelligence, UK Ministry of Defence) spoke at the Royal United Services Institute (RUSI). In his speech Collins talked about the growing use of non-kinetic (primarily cyber) warfare.
"We can see numerous examples of this today," he said: "unprecedented industrial espionage activity against the UK and Allies; private security contractors being used in high-end expeditionary warfare in Syria; cyber-attacks against national infrastructure and reputation across Europe; information operations that attempt to pervert political process and frustrate the rule of law; and attempted assassinations."
He warned that the nature of modern warfare is becoming broader, more strategic, and features "continuous full spectrum competition and confrontation."
The implication is that the UK requires the ability (and he makes it clear that he believes the UK has that ability) to both respond to cyber-attacks and if necessary launch preemptive cyber-attacks effectively in self-defense.

This will be interesting. (In a kind of “Did too!” “Did not!” way.)
Facebook releases its U.S. political ad archive
Facebook’s new archive for U.S. political ads — created to give users more information about who is advertising on Facebook and who they are trying to target — went live today. The archive was first announced in October.
The archive is available to view at The archive contains both ads promoting candidates for political office as well as those that Facebook has deemed to be “issue ads” — ads that touch on a list of 20 hot-button topics that Facebook released earlier this month. These ads will also be labeled in users’ news feeds starting today, with a “paid for by” tag. Political and issue ads on Instagram will also be labeled.

For my Software Architecture class to design a fix and my Computer Security class to fix this design.
Amazon might have a serious Alexa problem on its hands
News broke out earlier this week that Amazon’s Alexa assistant recorded a private conversation between two people and then sent that recording to a third party. Alexa, of course, is supposed to listen to everything you say but only act when you utter the designated hotwords that invoke the assistant.
… Amazon explained to Recode what caused this privacy infringing incident. Here’s what happened — we’ve broken down Amazon’s statement into all the steps Alexa went through to dispatch the message:
Echo woke up due to a word in background conversation sounding like “Alexa.”
Then, the subsequent conversation was heard as a “send message” request.
At which point, Alexa said out loud “To whom?” At which point, the background conversation was interpreted as a name in the customer’s contact list.
Alexa then asked out loud, “[contact name], right?” Alexa then interpreted background conversation as “right.”
As unlikely as this string of events is, we are evaluating options to make this case even less likely.”
All this sounds extremely unlikely but it also kind of explains what happened perfectly. To recap, the woman was talking to her husband and a partial recording of their chat was then sent to one of his employees who lives in a different state.
It’s always possible that one of the two people in the chat said a word that sounded like Alexa, triggering a sequence of events as described above. They may have also mentioned a name that sounded just like the name of the man’s employee and used words that may have been interpreted as confirmation to send a message.
But, no matter how you look at it, this is a serious issue. Apparently, Alexa can misinterpret its own hotword, which is definitely not something you want from the assistant.

(Related) Using this system to confirm the validity of stolen information?
Here’s something we don’t see everyday, and it involves Kentucky-based health insurer Humana. Humana’s technology team became suspicious after there were a number of calls to an 800 number of Humana’s that involved their Interactive Voice Response system where the caller was able to authenticate as a member by providing date of birth, zip code, and Humana ID number or Social Security Number, but then never went further with the system to request anything. So were the calls simply to verify the accuracy of member information in preparation for some other attack or misuse? It wasn’t clear, but Humana wisely took action.
Humana blocked the phone numbers associated with the suspicious calls, notified members, and offered them protective services through Equifax’s Credit Watch Gold service. And of course, they continue to monitor for any other suspicious behavior.

Designing in Security checks is good. Ignoring Security checks is all too common.
Another Deutsche Bank Error Revealed: $30 Billion 2014 Gaffe
A 28 billion-euro ($35 billion) payments error at Deutsche Bank AG in March wasn’t the first such blunder to befall the lender.
In March 2014, the German bank mistakenly sent 21 billion euros to Macquarie Group Ltd. as collateral for an over-the-counter derivatives trade, according to a person familiar with the matter who declined to be identified. That incident led directly to the introduction of fail-safes, though these didn’t catch the latest gaffe, the person said.
… While the New York Fed warned the firm in late 2013 about persistent deficiencies in its processes, lapses have continued, demonstrating the challenge facing new Chief Executive Officer Christian Sewing as he seeks to return the bank to growth and placate U.S. regulators.
… The 2018 error was caused by the input of euros instead of yen, Sewing told shareholders in Frankfurt on Thursday…
… The 2014 over-payment was a result of human error while using a collateral management system, the person familiar said. A control system that requires at least two pairs of eyes to look at transactions of a certain size also failed, they said.
Following the error, Deutsche Bank designed an enhanced “bear trap” system, whereby all payments over a certain size were subjected to increased scrutiny, according to the person. Yet that failed to prevent the more recent gaffe in March of this year.
… The German bank also ran into payment difficulty in June 2015 when a junior member of its Frankfurt-based foreign-exchange sales team mistakenly sent $6 billion to a U.S. hedge fund client.

I hope my game creating students remember their poor old professor when they become rich.
Fortnite made nearly $300 million in the month of April
Epic Games’ Fortnite generated $296 million in the month of April across mobile, console, and PC platforms, according to digital game sales tracker SuperData Research. That amount is more than double what the game generated in the month of February, when it earned $126 million and surpassed Playerunknown’s Battlegrounds in monthly sales for the first time.
The big difference between the games, and what really makes Fortnite shine, is Epic’s free-to-play model, which gets the title into as many players’ hands as possible and recoups the money, and then some, by way of in-game purchases. Epic sells players cosmetic items that do not affect gameplay, including goofy and topical character costumes and in-game dance moves purely for vanity purposes. It also sells a season subscription called the Battle Pass for around $10. Still, the company sells these items at such an alarming quantity that Fortnite made more money in April than Avengers: Infinity War did on its opening weekend later that same month.

Ignore the source, try it for the benefits.
Pornhub launches its own VPN
Pornhub is launching its own VPN service today with free and unlimited bandwidth. The VPN is supposed to help users avoid ISP throttling and geographic limitations. It’s also designed to let users transmit data anonymously without saving or collecting any of that data.
… The VPN service is available on Mac, Windows, Android, and iOS

1 comment:

brizilaya ashila said...

Such ladies understand they will be reminded of the rape each time they look at their child, but they opt to adore the child anyway. More information on Road Rage in Ontario | Toronto Criminal Defence Lawyers on