“Siri, initiate the Big brother eves-dropping
program.” I bet my students can come up with even more evil ideas.
Alexa and
Siri Can Hear This Hidden Command. You Can’t.
… Over the last two years, researchers in
China and the United States have begun demonstrating that they can
send hidden commands that are undetectable to the human ear to
Apple’s Siri, Amazon’s Alexa and Google’s Assistant. Inside
university labs, the researchers have been able to secretly activate
the artificial intelligence systems on smartphones and smart
speakers, making them dial phone numbers or open websites. In
the wrong hands, the technology could be used to unlock
doors, wire
money or buy stuff online — simply with music
playing over the radio.
We’ve got to get a lot better!
Graham Cluley explains:
The accepted wisdom in the field of cybersecurity is that things are getting worse, and that more businesses are losing control of more data than ever before.
What a bunch of pessimists we are… The truth, however, might be rather different.
A new study published by Risk Based Security has examined the number of data breach incidents in the first quarter of 2018, and compared it to the same time period in previous years. And guess what? It doesn’t look like we’re doing *that* badly.
Read more about what RBS found on Security
Boulevard.
[From
the article:
According
to the research it typically takes a business 37.9 days between
identifying a security breach and disclosure. That’s down from
42.7 days in the first quarter of 2017, and 68.9 days in Q1 2016.
GDPR
legislation, however, expects companies to inform supervisory
authorities of a data breach involving the personal information of
European users within
just 72 hours.
(Related)
Google gets ready for the GDPR…
Our
preparations for Europe’s new data protection law
“Hey, this looks suspicious – let’s try it!”
Cathy Jett reports:
Hackers phishing for sensitive information faked an email from a regional organization to break into the Fredericksburg school system’s electronic mail and file system last month.
The April 24 intrusion was caught the following day, but not before hackers accessed 14 school employees’ emails and one school employee’s files, according to a letter Superintendent David Melton sent to parents and guardians May 2.
The letter stated that the intruders may have used this to access students’ Individualized Education Programs, 504 Plans, Gifted and Talented profiles or portions of their academic records that had been sent by email.
Read more on Fredericksburg.com.
If so many employees fell for the phishing email,
you might think that maybe the phishing email was very professionally
done. But it appears it wasn’t a great phishing email and yet the
employee clicked on the link anyway:
The initial email appeared to come from a group that regularly emails information to the city’s schools, said Mike George, the school system’s director of technology. The employee who received it thought it looked suspicious, but wasn’t sure and opened it about 3 p.m. George said it “was basically a phishing scheme” that collected the employee’s username and password.
I certainly hope so!
The smarter
the student, the stronger the password – study
A consulting director at Asia Pacific College
(APC) in the Philippines decided to match student GPAs against the
strength of their passwords. The findings suggest there is some
degree of correlation between smarts and good password hygiene.
JV Roig, who is also a software developer in
addition to dispensing his consulting expertise, compared the
password hashes from APC’s 1,252 students to the database of leaked
passwords maintained by the handy Have
I Been Pwned? site created by security researcher Troy Hunt. The
database holds a whopping 320 million exposed password hashes
resulting from various data breaches over the years. The weakest
passwords, and implicitly the most common ones, are found there.
Of the 1,252 students, 215 had a match in the
database. Roig then looked at the students’ grade point average
(GPA) and found that the lower the student’s GPA, the weaker the
password and the greater the chance of it being fount in Hunt’s
database.
I would have bet money this was impossible. Hard
to believe it went on for three months!
Chicago man
charged in scam that routed United Parcel Service mail to his
apartment
A Rogers Park man has
been charged in an astonishing scheme that temporarily changed the
address for the global headquarters of shipping giant United
Parcel Service to his tiny garden apartment, resulting in
thousands of pieces of mail meant for UPS executives and other
employees being delivered to his doorstep.
A criminal complaint charging Dushaun
Henderson-Spruce, 24, with theft of mail and fraud was unsealed
Tuesday, records show. He is in custody pending a detention hearing
before U.S. Magistrate Judge Jeffrey Gilbert next week, when
prosecutors have said they will argue he should be held as a risk to
flee.
… It wasn’t until Jan. 16 — nearly three
months after the address change — that a UPS security coordinator
caught on to the setup and notified postal inspectors, court records
show.
… The day after the alleged fraud was
detected, postal inspectors interviewed the carrier who delivers the
mail to Henderson-Spruce’s timeworn, seven-story building. The
carrier said “voluminous” amounts of UPS mail had been coming to
the apartment for months, far more than would fit in the small boxes
assigned to tenants, the affidavit said.
To accommodate the deluge, the carrier “had to
place the mail in a USPS tub and leave it at (Henderson-Spruce’s)
door,” the affidavit said.
… In a brief interview last month with a
Tribune reporter, Henderson-Spruce hinted that he’d received the
UPS mail as a result of a mix-up that was not his fault and that his
identity may have been stolen. But he declined to elaborate.
“Dr. Terminator will see you now.”
… The field of health AI is seemingly
wide—covering wellness to diagnostics to operational
technologies—but it is also narrow in that health AI applications
typically perform just a single task. We investigated
the value of 10 promising AI applications and found that they could
create up to $150 billion in annual savings for U.S. health care by
2026.
We identified these specific AI applications based
on how likely adoption was and what potential exists for annual
savings. We found AI currently creates the most value in helping
frontline clinicians be more productive and in making back-end
processes more efficient—but not yet in making clinical decisions
or improving clinical outcomes. Clinical applications are still
rare.
(Related)
Amazon is
building a 'health & wellness’ team within Alexa as it aims to
upend health care
The nucleus of Amazon's
effort to upend the health-care market may very well be the Echo
device in your living room.
According to an internal document obtained by
CNBC, Amazon has built a team within its Alexa voice-assistant
division called "health & wellness," which includes
over a dozen people and is being led by Rachel Jiang, who has spent
the last 5 years at Amazon in various roles including advertising and
video.
The team's main job is to make Amazon's Alexa
voice assistant more useful in the health-care field, an effort that
requires working through regulations and data privacy requirements
laid out by HIPAA (the Health Insurance Portability and
Accountability Act), according to people familiar with the matter.
The group is targeting areas like diabetes management, care for
mothers and infants and aging, said the people, who asked not to be
named because the work is confidential.
(Related) If you are going to do it, do it right!
What’s
Your Cognitive Strategy?
In the eyes of many leaders, artificial
intelligence and cognitive technologies are the most disruptive
forces on the horizon. But most organizations don’t have a
strategy to address them.
If I think it’s interesting, my students might
want to listen too. (It may show up on the Final!)
Separating
Better Data from Big Data: Where Analytics Is Headed
Ten years ago, the most forward-thinking
companies were just starting to dive into the potential of data and
analytics. Since then, brands have moved from using analytics to
answer what customers are doing to exploring the how and why, and
also to figure out what they will do in the future.
A tool I may need someday.
10 tips for
verifying viral social media videos
Poynter – Danile Funke: “Of all types of
misinformation, video is among the hardest to fact-check. First, it
isn’t easily searchable like text and photos are. You can’t
paste or upload a video on Facebook or Google to see if it’s true
or even trending. Second, there’s currently no way to see which
videos are going viral on Facebook, Twitter or Instagram. They’re
essentially block boxes, and fact-checkers regularly gripe about how
it makes their jobs harder. (Although there has been progress
with fact-checking images on Facebook.) Then there’s the fact that
fake videos are getting easier
to create and harder to detect. So-called “deepfake”
technology draws upon artificial intelligence to alter
images and even superimpose
celebrities’ heads on other people’s bodies. With those
challenges in mind, here
is a list of tips and tricks for debunking viral fake videos on
social media. Unfortunately, fact-checkers still don’t have
good ways to verify deepfake videos — but several agreed it’s too
early to tell how big the problem will become…”
I hope it won’t be long before I get to teach
some of this!
Carnegie Mellon University's School of Computer
Science will offer a new undergraduate
degree in artificial intelligence beginning this fall, providing
students with in-depth knowledge of how to transform large amounts of
data into actionable decisions.
No comments:
Post a Comment