For my Computer Security students: The opposite of
a default password? Something you must turn on?
Google
Offers G Suite Alerts for State-Sponsored Attacks
Google
this week announced that it can now alert G Suite admins when it
believes users have been targeted by government-backed attackers.
The
search company has
been notifying
users
on what it believes might be state-sponsored attacks for over six
years, and reaffirmed its commitment to continue alerting users on
such incidents last year.
The
Internet giant is now providing G Suite admins with the option to
receive alerts whenever attacks appearing to be coming from a
state-sponsored actor are targeting their users. The feature will
show up in the G Suite Admin console as soon as it becomes available.
“If
an admin chooses to turn the feature on,
an email alert (to admins) is triggered when we believe a
government-backed attacker has likely attempted to access a user’s
account or computer through phishing, malware, or another method,”
Google explains.
As
usual, such alerts don’t necessarily imply that the account has
been compromised or that the organization has been hit with a larger
attack.
The
new feature is turned off by default,
but admins can easily enable or disable it in Admin
Console > Reports > Manage Alerts > Government backed
attack.
Will
Cyber command adopt any of this?
How
Governments Can Better Defend Themselves Against Cyberattacks
In the early 2000s, hackers successfully
infiltrated a series of secure military computer networks across the
United States. From that breach, later deemed “Titan
Rain,” the hackers would successfully pilfer a wealth of
sensitive data including Army helicopter specs, the Air Force’s
flight-planning software, and schematics for a NASA Mars orbiter.
American leaders have typically vowed swift and
fierce retaliation for any attack on the United States by a foreign
actor. So why was there no retaliation for this provocation?
The answer comes down to attribution. “If North
Korea attacks us with nuclear weapons, we observe that it is North
Korea, so we retaliate against North Korea,” explains Sandeep
Baliga, a professor of managerial economics and decision sciences
at Kellogg.
But in cyber warfare, attributing an attack is not
so easy. While experts suspected that the Chinese government was
behind Titan Rain, it was possible that it had been the work of rogue
Chinese civilians, or even another nation that manipulated its
digital footprints to make China appear responsible.
This uncertainty presents a dilemma. For decades,
the U.S. military has relied on the threat of retaliation to deter
would-be aggressors. Most famously, the doctrine of “mutually
assured destruction” warded off Soviet nukes during the Cold War.
But if the U.S. can no longer pinpoint and retaliate against its
aggressors, then that doctrine is hard to apply, Baliga says.
In a new paper with University of Chicago’s
Ethan Bueno de Mesquita
and MIT’s Alexander
Wolitzky, Baliga formulates a deterrence theory for the Internet
age
[Deterrence
with Imperfect Attribution
http://home.uchicago.edu/bdm/PDF/deterrence.pdf
“Grandma, you need to charge your phone!”
What other uses are there?
… Now, sharing your location also shares your
battery level.
We first became aware of
the battery sharing feature early this year when some hints popped up
in an APK
Teardown. At the time, it looked like Google was going to give
approximate battery levels in plain language—e.g. "Bob's
battery is between 50 and 75 percent." However, the feature
appears to be live for more people after appearing intermittently for
a few weeks, and it's more precise. When checking a contact's
location, there's now a battery icon right next to the distance.
There's a battery percentage, and the icon indicates charging status.
… I've tested this feature out and can confirm
the battery level is accurate—it's exactly the battery percentage
on your friend's phone when their location was last updated. This
just happens automatically, and there
doesn't appear to be any way to turn it off when sharing
your location.
No comments:
Post a Comment