We call this ‘low hanging fruit.’
Gigantic
100,000-strong botnet used to hijack traffic meant for Brazilian
banks
Over 100,000 routers have had their DNS settings
modified to redirect users to phishing pages. The redirection occurs
only when users are trying to access e-banking pages for Brazilian
banks.
Around 88% of these routers are located in Brazil,
and the campaign has been raging since at least mid-August when
security firm Radware first
spotted something strange.
… According to Netlab experts, the hackers are
scanning the Brazilian IP space for routers
that use weak or no passwords, accessing the routers'
settings, and replacing legitimate DNS settings with the IPs of DNS
servers under their control.
This change redirects all DNS queries that pass
through the compromised routers to the malicious DNS servers, which
respond with incorrect info for a list of 52 sites.
Most of these sites are Brazilian banks and web
hosting services, and the redirection leads back to a phishing page
that steals victims' credentials for these sites.
Can you tell age by looking at a face?
Honour of
Kings uses facial recognition to check ages
One of China's most popular video games is testing
the use of facial recognition to check users' ages.
Honour of Kings' publisher Tencent announced the
move at the weekend.
It
said the trial would initially be limited to "thousands"
of new players based in Beijing and Shenzhen.
The title has been criticised in local media over
claims
children have become addicted to it.
… Under pressure from local regulators,
Tencent introduced
restrictions in July 2017 to limit under-12s to one hour of
gameplay a day and 13- to 18-year-olds to a maximum of two hours.
“Welcome to New Zealand! Please leave your
Privacy here at the border.”
Travellers
refusing digital search now face $5000 Customs fine
The Customs and Excise Act 2018 - which comes into
effect today - sets guidelines around how Customs can carry out
"digital strip-searches".
Previously, Customs could stop anyone at the
border and demand to see their electronic devices. However, the law
did not specify that people had to also provide a password.
The updated law makes clear that travellers must
provide access - whether that be a password, pin-code or fingerprint
- but officials would need to have a reasonable suspicion of
wrongdoing.
… Council for Civil Liberties spokesperson
Thomas Beagle said the law was an unjustified invasion of privacy.
"Nowadays we've got everything on our phones;
we've got all our personal life, all our doctors' records, our
emails, absolutely everything on it, and customs can take that and
keep it."
The new requirement for reasonable suspicion did
not rein in the law at all, Mr Beagle said.
"They
don't have to tell you what the cause of that suspicion is, there's
no way to challenge it."
Customs Minister Kris Faafoi said the power to
search electronic devices was necessary.
"A lot of the organised crime groups are
becoming a lot more sophisticated in the ways they're trying to get
things across the border.” [Why
would anyone carry digital ‘things’ across the border rather than
send them over the Internet? Bob]
Suppose the Bot won’t cooperate?
Can't spot
the bot? In California, automated accounts have to reveal themselves
California Gov. Jerry Brown [...] signed another
bill that drew less attention — a new law that bans automated
accounts, more commonly known as bots, from pretending to be real
people in pursuit of selling products or influencing elections.
Automated accounts can still interact with Californians, according to
the law, but they will need to disclose that they are bots.
… Twitter may try to identify bots and label
them as such.
Bots are also not limited to social media. Google
caught the attention of the tech industry in May when it rolled
out Google Duplex, a new voice assistant that could talk over the
phone with humans to schedule appointments or make restaurant
reservations — complete with "ums," "ahs" and
pauses just like a human.
The demonstration sparked a discussion around the
ethical issues of having people unknowingly interact with bots.
A backgrounder.
Locating
Personal Data and Tracking Privacy Rights: An Interview with Dimitri
Sirota
One of the biggest challenges for organizations is
locating all the personal data they have. This task must be done,
however, to comply with the General Data Protection Regulation (GDPR)
and other privacy laws. Moreover, the GDPR and the new California
Consumer Privacy Act provide that individuals have rights regarding
their data. These rights often require that organizations must keep
records of individual privacy preferences regarding their data.
Unethical, unless your employer asks you to do it
and finds a way to compensate you.
The Coders
Programming Themselves Out of a Job
When workers
automate their own duties, who should reap the benefits?
In 2016, an anonymous confession
appeared on Reddit: “From around six years ago up until now, I have
done nothing at work.” As far as office confessions go, that might
seem pretty tepid. But this coder, posting as FiletOFish1066, said
he worked for a well-known tech company, and he really meant nothing.
He wrote that within eight
months of arriving on the quality assurance job, he had fully
automated his entire workload. “I am not joking. For
40 hours each week, I go to work, play League of Legends in my
office, browse Reddit, and do whatever I feel like. In the past six
years, I have maybe done 50 hours of real work.” When his bosses
realized that he’d worked less in half a decade than most Silicon
Valley programmers do in a week, they fired him.
Reminder!
What you
need to know about FEMA's 'Presidential Alert' emergency alert system
test on Wednesday
… The U.S. Federal Emergency Management Agency
(FEMA), in coordination with the Federal Communications Commission
(FCC), will conduct a nationwide test of the Emergency Alert System
(EAS) and Wireless Emergency Alert (WEA) system on Wednesday, Oct. 3,
2018.
The WEA test message will begin being sent at 2:18
p.m. EDT. The EAS message will be sent at 2:20 p.m. EDT.
… The WEA test message will have a header that
reads:
"Presidential Alert" and text that says:
“THIS IS A TEST of the National Wireless Emergency Alert System.
No action is needed.”
(Related) It might even work. (This is why we
test.)
FEMA, Vail
test Presidential Alert system for emergencies
… Officials in Vail conducted a local test of
the system in May, one of a handful of locations to do so
… The test showed that not everyone in the
designated area received the text. Kirkland was standing in the
communications center in the middle of Vail when the message was
sent. The phones of the people around her started to buzz and emit a
loud blare.
“Everyone around me got the text, but I didn’t,”
she said.
Others in town also didn’t get the message, she
said, but the agency
couldn’t determine why.
… Other recipients heard the tone but did not
get the text, according
to a survey conducted by Vail Public Safety Communications after the
test. A number of people outside of the test area also received
the messages.
Is it me or does the robot install the drywall
with the face against the wall? (Look about 10 seconds into the
video)
Humanoid
construction robot installs drywall by itself
No comments:
Post a Comment