Friday, May 11, 2018

“Siri, initiate the Big brother eves-dropping program.” I bet my students can come up with even more evil ideas.
Alexa and Siri Can Hear This Hidden Command. You Can’t.
… Over the last two years, researchers in China and the United States have begun demonstrating that they can send hidden commands that are undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant. Inside university labs, the researchers have been able to secretly activate the artificial intelligence systems on smartphones and smart speakers, making them dial phone numbers or open websites. In the wrong hands, the technology could be used to unlock doors, wire money or buy stuff online — simply with music playing over the radio.

We’ve got to get a lot better!
Graham Cluley explains:
The accepted wisdom in the field of cybersecurity is that things are getting worse, and that more businesses are losing control of more data than ever before.
What a bunch of pessimists we are… The truth, however, might be rather different.
A new study published by Risk Based Security has examined the number of data breach incidents in the first quarter of 2018, and compared it to the same time period in previous years. And guess what? It doesn’t look like we’re doing *that* badly.
Read more about what RBS found on Security Boulevard.
[From the article:
According to the research it typically takes a business 37.9 days between identifying a security breach and disclosure. That’s down from 42.7 days in the first quarter of 2017, and 68.9 days in Q1 2016.
GDPR legislation, however, expects companies to inform supervisory authorities of a data breach involving the personal information of European users within just 72 hours.

(Related) Google gets ready for the GDPR…
Our preparations for Europe’s new data protection law

“Hey, this looks suspicious – let’s try it!”
Cathy Jett reports:
Hackers phishing for sensitive information faked an email from a regional organization to break into the Fredericksburg school system’s electronic mail and file system last month.
The April 24 intrusion was caught the following day, but not before hackers accessed 14 school employees’ emails and one school employee’s files, according to a letter Superintendent David Melton sent to parents and guardians May 2.
The letter stated that the intruders may have used this to access students’ Individualized Education Programs, 504 Plans, Gifted and Talented profiles or portions of their academic records that had been sent by email.
If so many employees fell for the phishing email, you might think that maybe the phishing email was very professionally done. But it appears it wasn’t a great phishing email and yet the employee clicked on the link anyway:
The initial email appeared to come from a group that regularly emails information to the city’s schools, said Mike George, the school system’s director of technology. The employee who received it thought it looked suspicious, but wasn’t sure and opened it about 3 p.m. George said it “was basically a phishing scheme” that collected the employee’s username and password.

I certainly hope so!
The smarter the student, the stronger the password – study
A consulting director at Asia Pacific College (APC) in the Philippines decided to match student GPAs against the strength of their passwords. The findings suggest there is some degree of correlation between smarts and good password hygiene.
JV Roig, who is also a software developer in addition to dispensing his consulting expertise, compared the password hashes from APC’s 1,252 students to the database of leaked passwords maintained by the handy Have I Been Pwned? site created by security researcher Troy Hunt. The database holds a whopping 320 million exposed password hashes resulting from various data breaches over the years. The weakest passwords, and implicitly the most common ones, are found there.
Of the 1,252 students, 215 had a match in the database. Roig then looked at the students’ grade point average (GPA) and found that the lower the student’s GPA, the weaker the password and the greater the chance of it being fount in Hunt’s database.

I would have bet money this was impossible. Hard to believe it went on for three months!
Chicago man charged in scam that routed United Parcel Service mail to his apartment
A Rogers Park man has been charged in an astonishing scheme that temporarily changed the address for the global headquarters of shipping giant United Parcel Service to his tiny garden apartment, resulting in thousands of pieces of mail meant for UPS executives and other employees being delivered to his doorstep.
A criminal complaint charging Dushaun Henderson-Spruce, 24, with theft of mail and fraud was unsealed Tuesday, records show. He is in custody pending a detention hearing before U.S. Magistrate Judge Jeffrey Gilbert next week, when prosecutors have said they will argue he should be held as a risk to flee.
… It wasn’t until Jan. 16 — nearly three months after the address change — that a UPS security coordinator caught on to the setup and notified postal inspectors, court records show.
… The day after the alleged fraud was detected, postal inspectors interviewed the carrier who delivers the mail to Henderson-Spruce’s timeworn, seven-story building. The carrier said “voluminous” amounts of UPS mail had been coming to the apartment for months, far more than would fit in the small boxes assigned to tenants, the affidavit said.
To accommodate the deluge, the carrier “had to place the mail in a USPS tub and leave it at (Henderson-Spruce’s) door,” the affidavit said.
… In a brief interview last month with a Tribune reporter, Henderson-Spruce hinted that he’d received the UPS mail as a result of a mix-up that was not his fault and that his identity may have been stolen. But he declined to elaborate.

“Dr. Terminator will see you now.”
… The field of health AI is seemingly wide—covering wellness to diagnostics to operational technologies—but it is also narrow in that health AI applications typically perform just a single task. We investigated the value of 10 promising AI applications and found that they could create up to $150 billion in annual savings for U.S. health care by 2026.
We identified these specific AI applications based on how likely adoption was and what potential exists for annual savings. We found AI currently creates the most value in helping frontline clinicians be more productive and in making back-end processes more efficient—but not yet in making clinical decisions or improving clinical outcomes. Clinical applications are still rare.

Amazon is building a 'health & wellness’ team within Alexa as it aims to upend health care
The nucleus of Amazon's effort to upend the health-care market may very well be the Echo device in your living room.
According to an internal document obtained by CNBC, Amazon has built a team within its Alexa voice-assistant division called "health & wellness," which includes over a dozen people and is being led by Rachel Jiang, who has spent the last 5 years at Amazon in various roles including advertising and video.
The team's main job is to make Amazon's Alexa voice assistant more useful in the health-care field, an effort that requires working through regulations and data privacy requirements laid out by HIPAA (the Health Insurance Portability and Accountability Act), according to people familiar with the matter. The group is targeting areas like diabetes management, care for mothers and infants and aging, said the people, who asked not to be named because the work is confidential.

(Related) If you are going to do it, do it right!
What’s Your Cognitive Strategy?
In the eyes of many leaders, artificial intelligence and cognitive technologies are the most disruptive forces on the horizon. But most organizations don’t have a strategy to address them.

If I think it’s interesting, my students might want to listen too. (It may show up on the Final!)
Separating Better Data from Big Data: Where Analytics Is Headed
Ten years ago, the most forward-thinking companies were just starting to dive into the potential of data and analytics. Since then, brands have moved from using analytics to answer what customers are doing to exploring the how and why, and also to figure out what they will do in the future.

A tool I may need someday.
10 tips for verifying viral social media videos
Poynter – Danile Funke: “Of all types of misinformation, video is among the hardest to fact-check. First, it isn’t easily searchable like text and photos are. You can’t paste or upload a video on Facebook or Google to see if it’s true or even trending. Second, there’s currently no way to see which videos are going viral on Facebook, Twitter or Instagram. They’re essentially block boxes, and fact-checkers regularly gripe about how it makes their jobs harder. (Although there has been progress with fact-checking images on Facebook.) Then there’s the fact that fake videos are getting easier to create and harder to detect. So-called “deepfake” technology draws upon artificial intelligence to alter images and even superimpose celebrities’ heads on other people’s bodies. With those challenges in mind, here is a list of tips and tricks for debunking viral fake videos on social media. Unfortunately, fact-checkers still don’t have good ways to verify deepfake videos — but several agreed it’s too early to tell how big the problem will become…”

I hope it won’t be long before I get to teach some of this!
Carnegie Mellon Launches Undergraduate Degree in Artificial Intelligence
Carnegie Mellon University's School of Computer Science will offer a new undergraduate degree in artificial intelligence beginning this fall, providing students with in-depth knowledge of how to transform large amounts of data into actionable decisions.

No comments: