Saturday, January 27, 2018

A debate on how to manage Computer Security sounds like fun. Should you budget to secure employee devices? Should the government forbid employees from using their own servers (like Hillary Clinton)?
Tim Cushing reports:
Notification of state-sponsored hacking attempts has revealed another weak spot in the US government’s defenses. The security of the government’s systems is an ongoing concern, but the Senate has revealed it’s not doing much to ensure sensitive documents and communications don’t end up in the hands of foreign hackers.
Read more on TechDirt.

Some customers are asking questions that companies are not ready to answer? I would worry more about those industries that don’t have questions.
Data Privacy Concerns Cause Sales Delays: Cisco
Nearly two-thirds of businesses worldwide have experienced significant delays in sales due to customer data privacy concerns, according to Cisco’s 2018 Privacy Maturity Benchmark Study.
The study, based on the responses of roughly 3,000 cybersecurity professionals from 25 countries, shows that 65% of businesses reported sales cycle delays due to concerns over data privacy, with an average delay of nearly 8 weeks.
However, organizations with a mature privacy process are less affected compared to privacy-immature companies. Privacy-mature firms experienced delays of only 3.4 weeks, while immature businesses reported delays averaging nearly 17 weeks.
Sales delays have also varied depending on several other factors, including country, with the longest delays reported in Mexico and Latin America, and industry, with the longest delays in the government and healthcare sectors.
The complete 2018 Privacy Maturity Benchmark Study is available for download in PDF format.

It’s not science fiction if the technology is in use today. What would Jules Verne do?
Artificial intelligence is going to supercharge surveillance
We usually think of surveillance cameras as digital eyes, watching over us or watching out for us, depending on your view. But really, they’re more like portholes: useful only when someone is looking through them. Sometimes that means a human watching live footage, usually from multiple video feeds. Most surveillance cameras are passive, however. They’re there as a deterrence, or to provide evidence if something goes wrong. Your car got stolen? Check the CCTV.
But this is changing — and fast. Artificial intelligence is giving surveillance cameras digital brains to match their eyes, letting them analyze live video with no humans necessary. This could be good news for public safety, helping police and first responders more easily spot crimes and accidents and have a range of scientific and industrial applications. But it also raises serious questions about the future of privacy and poses novel risks to social justice.
What happens when governments can track huge numbers of people using CCTV? When police can digitally tail you around a city just by uploading your mugshot into a database? Or when a biased algorithm is running on the cameras in your local mall, pinging the cops because it doesn’t like the look of a particular group of teens?

They Are Watching You—and Everything Else on the Planet

About damn time!
FBI Director Chris Wray Says Secure Encryption Backdoors Are Possible; Sen. Ron Wyden Asks Him To Produce Receipts

Are you serious?
George Soros calls Facebook and Google a 'menace' to society and 'obstacles to innovation' in blistering attack
The billionaire investor and philanthropist George Soros has launched a blistering and multipronged attack on Facebook and Google, arguing the tech giants' size and "monopolistic" behavior had made them a "menace" to society, damaged democracy, and encouraged "addiction" akin to gambling companies.
Speaking on Thursday at the World Economic Forum in Davos, Switzerland, the Hungarian businessman said that "social-media companies influence how people think and behave without them even being aware of it," adding that they have "far-reaching adverse consequences on the functioning of democracy, particularly on the integrity of elections."

Friday, January 26, 2018

I see a topic for our next Computer Security class. This was never secret. Is Reuters saying the US Government never noticed?
Tech firms let Russia probe software widely used by U.S. government
In order to sell in the Russian market, the tech companies let a Russian defense agency scour the inner workings, or source code, of some of their products. Russian authorities say the reviews are necessary to detect flaws that could be exploited by hackers.

How much damage could a deliberate cyber attack cause? Oodles!
Maersk Reinstalled 50,000 Computers After NotPetya Attack
In a panel on securing a common future in cyberspace, Hagemann Snabe, former co-CEO of SAP, said the NotPetya malware had hit a large number of systems housed by the company.
According to Hagemann Snabe, Maersk’s IT team had to reinstall software on its entire infrastructure, including 45,000 PCs and 4,000 servers, totaling 2,500 applications.
The mammoth task took only 10 days to complete, during which time the company manually coordinated operations. This was not easy considering that Maersk is the largest container shipping company in the world and it’s responsible for roughly 20 percent of world trade. Hagemann Snabe noted that a ship carrying 10,000-20,000 containers docks into a port every 15 minutes.

Unusual for counter-intelligence to reveal their targets and their results. What am I missing? (A message to Vladimir Putin for example?)
Report: Dutch spies caught Russian hackers on tape
The Netherlands' spy service broke into the computers used by a powerful Russian hacking group and may be sitting on evidence relating to the breach of the U.S. Democratic National Committee, a Dutch newspaper and television show jointly reported Friday.
Reports carried in the respected daily Volkskrant and the current affairs show Nieuwsuur say hackers working for the Dutch General Intelligence and Security Service penetrated the computers used by the group, often nicknamed Cozy Bear, in mid-2014 and watched them for at least a year, even managing to catch the hackers on camera.
… Volkskrant and Nieuwsuur said that the Dutch spies used their access to help oust Cozy Bear from U.S. State Department computers in late 2014. Volkskrant said American spies were so grateful they sent the Dutch cake and flowers.

Skimming, Russian style. (Are you getting poor gas mileage lately?)
Hacker uses malware to steal, resell gas in major Russian fraud scheme
… According to the investigation, Denis Zayev created a malicious program that he sold to dozens of gas station employees to inject in the pumps’ software and cash registers. In some schemes he was also a partner, getting a share of the money from the stolen fuel.
The scam was simple: after the malware was installed on the IT systems, a gas tank would be left empty on purpose so some of the fuel that customers bought would be diverted to the empty tank. Customers would get less fuel than they paid for, while employees resold the fuel collected in the empty tank.
Zayev and his partners stole between 3% and 7% of the fuel for some “hundreds of millions or rubles.” The malicious program was undetectable and they fully covered their tracks by showing fake data and deleting any information about the resale operation.

Trying to keep up or catch up to technology is always a losing game.
BocaNewsNow writes:
Several teachers in schools throughout South Palm Beach County are using “Bloomz,” a Facebook-like app to communicate in a social network style with parents. This app is not approved by the Palm Beach County School District. Teachers are not authorized to use the app.
Potentially violating Florida public records laws, Bloomz presents a “back channel” communication tool that isn’t monitored by, and can’t be accessed by, administrators, principals, school district attorneys or members of the public filing freedom of information act requests.
At issue: teachers are storing confidential student information in the app which may be used by Bloomz for marketing purposes, potentially violating FERPA, the Family Educational Rights and Privacy Act. Calendars, photos, testing schedules, lists of students completing field trip permission slips, even photos and videos are being posted online by teachers with no guarantee of privacy or confidentiality.
Read more on BocaNewsNow.
If the allegations are true, this is a good example of the risks and pitfalls with edtech. Did the districts do a training with teachers about permissible and impermissible tech? Did teachers have to sign any statement of understanding about what they can use and not use? Do teachers ever get actually disciplined or suspended for using tech that they were not permitted to use?

Perspective. Self-driving cars are coming, no matter what my students think.
Ford Scoops Up Software Firms as It Drives Toward the Driverless
Ford Motor Co. is acquiring two small software firms to help build out its mobility business, a move that highlights the need for auto companies to seed their management teams with technology talent to keep pace in a fast-changing transportation sector.
Ford said Thursday it is buying Autonomic Inc., a Palo Alto, Calif., startup with 70 employees that is developing a software backbone for Ford to provide urban transit services to consumers and businesses.

Something for my next Computer Forensics class.
PDF Forensic Analysis and XMP Metadata Streams
Arman Gungor – Meridian Discovery – Link to complete posting: “Portable Document Format (PDF) forensic analysis is a type of request we encounter often in our computer forensics practice. The requests usually entail PDF forgery analysis or intellectual property related investigations. In virtually all cases, I have found that the PDF metadata contained in metadata streams and the document information dictionary have been instrumental. I will provide a brief overview of these metadata sources and then provide an example of how they can be useful during PDF forensic analysis. PDF is an electronic file format created by Adobe Systems in the early 1990s. It is used primarily to reliably exchange documents independent of platform—hardware, software or operating system. PDF is also an ISO Standard (ISO 32000-1). Due to its platform independent nature, numerous personal and business documents such as reports, agreements and operational documents are created and exchanged in PDF format. Consequently, we encounter them very often during e-Discovery processing, productions and PDF forensic analysis—especially during fraudulent document analysis…”

Imagine what the next 1000 years will bring!
Oxford University admits more women than men for first time – Ucas
The University of Oxford offered more undergraduate places to British women than men last year for the first time in its more than 1,000-year history.
Of the total figure, female sixth-formers also outnumbered their male peers, according to data published from Ucas, the university and college admissions body.
A total of 1,070 18-year-old female UK applicants to Oxford took places on undergraduate course in autumn 2017, compared with 1,025 men of the same age.

Perspective. (But you have to explain what I’m seeing?)
Nutella 'riots' spread across French supermarkets
A discount on Nutella has led to violent scenes in a chain of French supermarkets, as shoppers jostled to grab a bargain on the sweet spread.
Intermarch√© supermarkets offered a 70% discount on Nutella, bringing the price down from €4.50 (£3.90) to €1.40.
But police were called when people began fighting and pushing one another.
"They are like animals. A woman had her hair pulled, an elderly lady took a box on her head, another had a bloody hand," one customer told French media.
Similar scenes have been reported across France, with some being described as "riots".

This seems off topic, but it ties into this week’s homework in Computer Security. (Yes, I give very strange assignments.)
Bill Gates is funding genetic research into how to create the perfect cow

Is Scott Adams trying to explain politics in the Trump era?

Thursday, January 25, 2018

Arming my students.

For my Computer Security students debating how to secure self-driving cars. What is fixed, what changes?
Why Tesla's Autopilot Can't See a Stopped Firetruck
… “Traffic-Aware Cruise Control cannot detect all objects and may not brake/decelerate for stationary vehicles, especially in situations when you are driving over 50 mph (80 km/h) and a vehicle you are following moves out of your driving path and a stationary vehicle or object is in front of you instead.”

(Related) Suggesting that self-driving cars are being given the ‘fast track’ to approval?
2 Federal Agencies Send Teams to Probe Tesla Freeway Crash
Two federal agencies have dispatched teams to investigate the California crash of a Tesla Model S electric car that may have been operating under its semi-autonomous "Autopilot" system.
It's the second time the National Transportation Safety Board and the National Highway Traffic Safety Administration have investigated the performance of Autopilot, which keeps a vehicle centered in its lane at a set distance from cars in front of it and also can change lanes and brake automatically.
The safety board sent two investigators to Culver City on Tuesday, according to spokesman Peter Knudson, while NHTSA confirmed Wednesday that it is also dispatching a special team "to investigate the crash and assess lessons learned."

Another area of discussion for my Computer Security students.
Compromised Credentials: The Primary Point of Attack for Data Breaches
Recent headlines of Russia-linked hackers harvesting access credentials to infiltrate the U.S. Senate and stage lateral attacks illustrate a common tactic used by cyber criminals and state-sponsored attackers. According to the Verizon 2017 Data Breach Investigation Report, a whopping 81% of hacking-related breaches leverage either stolen, default, or weak passwords. So why are so many organizations still focusing on securing the network perimeter, instead of rethinking their core defenses by maturing their identity and access management strategies to secure applications, devices, data, and infrastructure — both on-premises and in the cloud.
The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even worse if a stolen identity belongs to a privileged user, who has even broader access, and therefore provides the intruder with “the keys to the kingdom”. By leveraging a “trusted” identity a hacker can operate undetected and exfiltrate sensitive data sets without raising any red flags. As a result, it’s not surprising that most of today’s cyber-attacks are front-ended by credential harvesting campaigns. Common methods for harvesting credentials include the use of password sniffers, phishing campaigns, or malware attacks.
To address these problems, organizations should consider the following best practices for identity and access management that fall into four levels of maturity: ‘Good’, ‘Better’, and ‘Great’ to ‘Optimal’:

A resource to watch?
World Economic Forum Announces Global Centre for Cybersecurity
The World Economic Forum (WEF) is establishing a new Global Centre for Cybersecurity "to help build a safe and secure global cyberspace."
This was announced at the 48th Annual Meeting currently taking place in Davos-Klosters, Switzerland. This year's WEF theme is Creating a Shared Future in a Fractured World. WEF's annual Global Risk Report for 2018 shows cyberattacks are now considered the third most serious global threat behind only extreme weather and natural disasters. Data fraud/theft is fourth.

For my Data Management students.
Big Data Trends
Big data is no longer just a buzzword. Researchers at Forrester have "found that, in 2016, almost 40 percent of firms are implementing and expanding big data technology adoption. Another 30 percent are planning to adopt big data in the next 12 months." Similarly, the Big Data Executive Survey 2016 from NewVantage Partners found that 62.5 percent of firms now have at least one big data project in production, and only 5.4 percent of organizations have no big data initiatives planned or underway.
… the following trends are clearly shaping Big Data going forward.

A survey of my students seems in order: will you trust Apple with your health data?
Romain Dillet reports:
Apple announced a new health effort as part of iOS 11.3. The new Health Records section in the Health app lets you gather and view all your medical records. The company is partnering with hospitals and clinics.
Apple released the first beta version of iOS 11.3 today. While the new version of iOS is going to remain in beta testing for a couple of months, it should be available as a free download to all iPhone users pretty soon.
Read more on TechCrunch.

Something to tease my lawyer friend with? (Nothing there yet)
Blockchain Law Class
“This is an applied course designed to introduce students to the emerging social, economic and legal issues associated with blockchain and crypto-enabled technologies. The course is a survey designed for students with little or no prior experience with these technologies. The course is divided into three modules: (1) an introduction to blockchain and crypto technologies; (2) applications of the technologies; and (3) the law applicable to the technologies. Still in beta – we will be adding much more to this page in the coming months!”

Perhaps we should form an Association of Independent Broadband Communities?
750+ American Communities Have Built Their Own Internet Networks
MotherBoard – A new map shows that more communities than ever are building their own broadband networks to end big telecom’s monopoly: “More communities than ever are embracing building their own broadband networks as an alternative to the Comcast status quo. According to a freshly updated map of community-owned networks, more than 750 communities across the United States have embraced operating their own broadband network, are served by local rural electric cooperatives, or have made at least some portion of a local fiber network publicly available. The map was created by the Institute for Local Self-Reliance, a nonprofit that advocates for local economies. These networks have sprung up across the nation as a direct reflection of the country’s growing frustration with sub-par broadband speeds, high prices, and poor customer service. They’ve also emerged despite the fact that ISP lobbyists have convinced more than 20 states to pass protectionist laws hampering local efforts to build such regional networks…”

Another vast collection of resources.
New on LLRX – Business Intelligence Online Resources 2018
Via LLRXBusiness Intelligence Online Resources 2018 – This guide by Marcus Zillman focuses on selected free and fee based resources published by a range of reliable sources that researchers can use for tracking, monitoring and sector research discovery purposes, as well as on tools and techniques to leverage in their business intelligence work.

You Want Fries With That? Burger King Explains Net Neutrality In Less Than 3 Minutes.
Net neutrality is abstract for most people but put it in these terms and it becomes clearer: $26 for a Whopper that you get immediately versus $4.95 for a Whopper that you get in 20 minutes. Got it?

Not so brilliant?
Why breaking up Amazon, Google, Apple, and Facebook could save capitalism
… “We don’t break these guys up because they are evil,” he added. “That’s bullshit. They are no less or more evil than us. We don’t break them up because they avoid taxes. It’s our job to hold them accountable. We don’t break them up because they destroy jobs … We break these guys ups up because we are capitalists and it is time.

Wednesday, January 24, 2018

Was “safety and accuracy” attacked? Would they admit it if it had been?
Malfunction Shuts Vietnam’s Main Stock Exchange for a Second Day
Vietnam’s main stock exchange, home to the nation’s benchmark VN Index, will remain shut for a second day on Wednesday following a malfunction, its longest halt in nearly 10 years.
The Ho Chi Minh City Stock Exchange said that while the technical issue that occurred on Monday has been solved, it needs to run tests with securities firms to ensure the “safety and accuracy” of the trading system.
… “Being shut for multiple days will start to have an affect on market sentiment, especially from the offshore foreign investors who have recently joined, or are planning on joining the market,” he said. “What we are hoping to hear is clarity from the exchange on what the causes are, when we can expect trading to resume and that the issues have been resolved.”

Something to get my Data Management and my Computer Security students thinking.
Ian Health reports that Appleby, a firm at the centre of the Paradise Papers data leak, has hired a high-profile media lawyer to help block further releases of confidential client data. Health reports:
Appleby have maintained that the documents were illegally hacked from their files and have since initiated legal proceedings against the BBC and the Guardian, who they claim have not co-operated with information requests they have made.
The firm issued a claim for breach of confidence on 4 December, as well as an application for disclosure and information. Appleby says that it needs to know what documents were taken from its files so it can advise its clients.
Read more on Jersey Evening Post.
For its part, Appleby issued the following media statement to explain its reasons for its litigation: [Omitted. Bob]

All that you save by not securing data will disappear at the first hint of a breach?
Tinder's Lack of Encryption Lets Strangers Spy on Your Swipes
… On Tuesday, researchers at Tel Aviv-based app security firm Checkmarx demonstrated that Tinder still lacks basic HTTPS encryption for photos. Just by being on the same Wi-Fi network as any user of Tinder's iOS or Android app, the researchers could see any photo the user did, or even inject their own images into his or her photo stream. And while other data in Tinder's apps are HTTPS-encrypted, Checkmarx found that they still leaked enough information to tell encrypted commands apart, allowing a hacker on the same network to watch every swipe left, swipe right, or match on the target's phone nearly as easily as if they were looking over the target's shoulder. The researchers suggest that lack of protection could enable anything from simple voyeuristic nosiness to blackmail schemes.

Stolen IDs are cheaper than Health Insurance?
Protenus, Inc. has released its 2017 review of breaches involving health data. It is the second annual review they have published since we began collaborating on data collection and analyses.
You can access Protenus’s full report here. Obviously, they are not responsible for my opinions or my predictions. They have enough problems without taking responsibility for me.

Remember that scene in “The Hunt for Red October” where the Captain assures his XO that you don’t need papers to travel state-to-state?
That anywhere within 100 miles of the border means that agents can demand pretty much anyone in Florida on a bus to show proof of citizenship. Do you carry your papers with you everywhere you go? I sure as hell don’t…. nor should I have to within my own country.
Jenny Jarvie reports:
The two uniformed U.S. Border Patrol agents clambered aboard a Greyhound bus in Fort Lauderdale, Fla., and instructed passengers to show proof of citizenship.
“This is new?” a woman on the bus from Orlando to Miami asked fellow passengers as agents questioned another woman several seats in front of them. “You ridden on the bus before?”
“Yeah,” another passenger replied. “A police officer is not even allowed to ask for immigration papers.… You have no right to stop me and ask me for ID.”
Minutes later, the agents escorted the woman they had been questioning off the bus.
Read more on the Los Angeles Times.

Perspective. What if they all started to whisper, “Vote for Oprah?” What if they knew what might convince you to vote for Oprah?
Apple says that 500 million customers use Siri
… Apple doesn't specify what exactly counts as a "user," nor whether these are daily or monthly users; the latter being more likely.
Before the press release, Apple had given an update on Siri usage last June, at its 2017 WWDC conference, where it said that some 375 million customers regularly used it.
"Siri, now actively used on over half a billion devices, has developed a deep knowledge of music and understands your preferences and tastes," the statement reads.

(Related) AR needs to know what you see to avoid things like placing game “treasure” in dangerous places (like a highway median). Incidentally, that means they know a lot about your home or office.
Apple’s AR system can now recognize more real-world objects

(Related) And it’s not just Apple.
If you’re using an Android phone, Google may be tracking every move you make

(Related) It’s not limited to phones. Any connected device will do.
Cory Doctorow writes:
Millions of new cars sold in the US and Europe are “connected,” having some mechanism for exchanging data with their manufacturers after the cars are sold; these cars stream or batch-upload location data and other telemetry to their manufacturers, who argue that they are allowed to do virtually anything they want with this data, thanks to the “explicit consent” of the car owners — who signed a lengthy contract at purchase time that contained a vague and misleading clause deep in its fine-print.
Car manufacturers are mostly warehousing this data (leaving it vulnerable to leaks and breaches, search-warrants, government hacking and unethical employee snooping), and can’t articulate why they’re saving it or how they use it.
Read more on BoingBoing.

I’ve programmed my computer to think about this.
… It’s critical for companies to understand the range of opinions on this issue, because implicitly or explicitly, they will influence the way business leaders create the workforce of the future.
… In a new Accenture survey (titled Reworking the Revolution, which will be published on January 23rd) of 1,200 C-level executives worldwide, 75% say that they are currently accelerating investments in AI and other intelligent technologies. And 72% say they are responding to a competitive imperative — they recognize the need for new tools to keep up with rivals, both by improving productivity and by finding new sources of growth. Some companies are transforming themselves into “intelligent enterprises,” in which all processes are digitized, decisions are data-driven, and machines do the heavy lifting — both physical and cognitive.

Something to share with my geeks.
If you wish Windows was open source, you should look into ReactOS!
… In this article, we’ll take a look at what ReactOS is, how to install it, and how it handles some existing Windows applications.
… The main goal of the project is to build an operating system that will run any Windows application you throw at it.

A programming resource!
Programming Notes for Professionals books

Tuesday, January 23, 2018

“Security is as security does.” F. Gump
IL: 'Serial Stowaway' Got Past TSA, Spent Night at O'Hare Before Flight to London: Prosecutors
… Hartman used her hair to hide her face and walk past two federal TSA Precheck agents who were checking boarding passes around 2 p.m. on Jan. 14 at O'Hare, prosecutors said Saturday.
After entering a security checkpoint, she then went to a terminal and tried to board a plane to Connecticut, but as she tried to "dart around" another passenger in line, she was stopped by a flight agent and told to sit down, Assistant State's Attorney Maria McCarthy told the court.
Hartman got onto a shuttle bus to the International Terminal and slept there overnight, prosecutors said.
The next day, Hartman managed to get past British Airways ticket agents and a Customs and Border Patrol officer, and onto a plane, prosecutors said. She sat in an empty seat and flew to London's Heathrow Airport, but when she showed her documents to a Customs agent, she was identified as someone who entered England without proper documentation, McCarthy said.

For my students who think.
Facebook Offers $100,000 Grants for Improving Internet Security
Facebook announced on Monday that it’s prepared to award $100,000 grants for research proposals focusing on improving online security, privacy and safety.
The new project, called “Secure the Internet Grants,” is part of the initiative announced last summer by Facebook CSO Alex Stamos. Stamos revealed at the Black Hat conference that the social media giant had prepared $1 million in funding to encourage original defensive research.

Because it worked so well for India?
Matt Agorist writes:
Earlier this month, Rep. Bob Goodlatte [R-VA-6] introduced H.R.4760 – Securing America’s Future Act of 2018, a sweeping bill that entails everything from Education and the Workforce to Homeland Security to the military. Also, tucked away in this 400-page behemoth of a bill are the details of a new biometric National ID card that could soon be required for everyone.
Not surprisingly, there is almost no media coverage on this legislation.
Read more on The Free Thought Project.

A most interesting email…
The techlash against Amazon, Facebook and Google—and what they can do
Eve Smith, Invisible Hand Strategies, LLC
To: Jeff Bezos , Marc Zuckerberg , Sundar Pichai
CC: Tim Cook , Reed Hastings , Satya Nadella
… Attached to this e-mail you will find the full report I promised, analysing the grave political and business risks that your firms face. I hope you will read everything I am sending in full, and please do not distribute my work to your underlings, as none of us want this e-mail to leak to the press.
The takeaway is that it is looking more likely that one of you could end up like the giant structure at Burning Man which the crowd torches, watching with rapt attention as it burns down to ash.

Is this good or bad for our Amazon HQ bid?
David M. Stauss and Gregory Szewczyk of Ballard Spahr write:
A bipartisan group of Colorado legislators proposed legislation that, if enacted, would significantly change the requirements for how Colorado entities protect, transfer, secure, and dispose of documents containing “personal identifying information” (PII). The proposed legislation also would expand the types of information covered by the Colorado Breach Notification Law and result in additional requirements for companies that have suffered a data breach, such as a 45-day deadline to provide notice to affected individuals.
Read more on National Law Review. This bill, if enacted, would provide much stronger protections for consumers. Take a look at it, and if you’re in Colorado, you might want to contact your legislator and express your enthusiasm for it.

For my Data Management students?
Orange Is the New Black isn’t just great television — it’s also an example of data-driven creativity in action. With the recent explosion of shows produced by Silicon Valley companies like Amazon, Hulu, and Netflix comes a fear that entertainment will increasingly be shaped by analysts crunching numbers rather than creatives following their artistic vision. Five years in, Netflix’s foray into original content demonstrates that what’s happened is actually the opposite: Data-driven platforms are giving high-quality, innovative entertainment a place to shine. Why? Because they can connect content and audiences in ways that broadcasters never could.

How AI Will Define New Industries
While it’s likely AI will create new jobs, its more immediate (and lasting) potential is in helping advance the science that underlies new industries.
If you were a brilliant artificial intelligence (AI) expert just graduating from a doctoral program at a prestigious school, would you pursue that startup you’ve been thinking about, join a company that wants to build cutting-edge AI applications, or use your expertise to help scientists in other fields conduct basic research?
Admittedly, this is a bit of a silly question. The opportunities presented by the first two options are outrageous, and growing more outrageous by the day. With more than 2,000 startups absorbing much of the top-tier AI talent — estimated by some to be just 10,000 individuals worldwide — the combination of great scarcity and even greater demand for talent is driving salaries through industry roofs. Some businesses offer seven-figure compensation packages for elite AI talent.

Netflix crosses $100 billion market capitalization as subscribers surge
Netflix Inc snagged 2 million more subscribers than Wall Street expected in the final three months of 2017, tripling profits at the online video service that is burning money on new programming to dominate internet television around the world.
The results drove Netflix to a market capitalization of more than $100 billion for the first time. Shares jumped 9 percent to over $248 in after-hours trading on Monday after rallying throughout the month and rising 53 percent last year.


Should you believe the hype or the science?
We’re about to kill a massive, accidental experiment in reducing global warming
Studies have found that ships have a net cooling effect on the planet, despite belching out nearly a billion tons of carbon dioxide each year. That’s almost entirely because they also emit sulfur, which can scatter sunlight in the atmosphere and form or thicken clouds that reflect it away.
… And we’re about to take it away.
In 2016, the UN’s International Maritime Organization announced that by 2020, international shipping vessels will have to significantly cut sulfur pollution.

Search like a Politician or at least like one of their staff gofers?
Search Tips by Category –
This combination FAQ and search tips site is a keeper – via the experts and – thank you –

Monday, January 22, 2018

But can it handle a mom with two or three “free ranging” kids?
Inside Amazon’s surveillance-powered no-checkout convenience store
By now many have heard of Amazon’s most audacious attempt to shake up the retail world, the cashless, cashierless Go store. Walk in, grab what you want, and walk out.
… As you might have seen in the promo video, you enter the store (heretofore accessible to Amazon employees only) through a gate that opens when you scan a QR code generated by the Amazon Go app on your phone. At this moment (well, actually the moment you entered or perhaps even before) your account is associated with your physical presence and cameras begin tracking your every move.
The many, many cameras.
… the system is made up of dozens and dozens of camera units mounted to the ceiling, covering and recovering every square inch of the store from multiple angles. I’d guess there are maybe a hundred or so in the store I visited, which was about the size of an ordinary bodega or gas station mart.
… The images captured from these cameras are sent to a central processing unit (for lack of a better term, not knowing exactly what it is), which does the real work of quickly and accurately identifying different people in the store and objects being picked up or held. Picking something up adds it to your “virtual shopping cart,” and you can pop it in a tote or shopping bag as fast as you like. No need to hold it up for the system to see.

For my Data Management students looking for jobs? “Show me the money!” Reads like the course outline.
Show me your data — the new precondition to M&As
In 2017, the total value of merger and acquisitions (M&As) exceeded three trillion dollars. Some of the more notable M&As in the past year include Amazon’s acquisition of Whole Foods, Intel’s purchase of autonomous vehicle tech firm Mobileye, and Verizon’s acquisition of Yahoo, which became a high-profile example of the cost undisclosed data breaches have on valuations — in this case a $350 million drop in the final price tag.
To better prepare for the growing threat against corporate, customer, and employee data, companies are enforcing new data management and protection practices. One such change is the practice of requiring that each party in an M&A transaction demonstrate compliance with industry privacy and security standards before finalizing a deal. Under the new precondition, buyers and sellers are making more granular requests for visibility into the other side’s entire information repository and lifecycle to safeguard their own business assets and brands.

Tools for my Data Management students.
ProgrammableWeb's Most Interesting APIs in 2017: Big Data and Analytics

Rick: How can you close me up? On what grounds?
Renault: I'm shocked,
shocked to find that gambling is going on in here.
Croupier: Your winnings, sir.
Renault: Oh. Thank you very much. Everybody out at once.
Report – Secret Origins of Evidence in US Criminal Cases
“In the United States today, a growing body of evidence suggests that the federal government is deliberately concealing methods used by intelligence or law enforcement agencies to identify or investigate suspects—including methods that may be illegal. It does so by creating a different story about how agents discovered the information, and as a result, people may be imprisoned without ever knowing enough to challenge the potentially rights-violating origins of the cases against them. Through a practice known as “parallel construction,” an official who wishes to keep an investigative activity hidden from courts and defendants—and ultimately from the public—can simply go through the motions of re-discovering evidence in some other way. For example, if the government learned of a suspected immigration-related offense by a person in Dallas, Texas, through a surveillance program it wished to keep secret, it could ask a Dallas police officer to follow the person’s car until she committed a traffic violation, then pull her over and start questioning her—and later pretend this traffic stop was how the investigation in her case started… This report recommends that the US executive branch prohibit all government departments and agencies from engaging in or contributing to parallel construction efforts, and disclose all policies related to the concealment of sources or evidence. The Office of the Director of National Intelligence (“ODNI”) should also publicly and fully disclose all policies and legal interpretations of the intelligence agencies that may affect criminal defendants or others involved in proceedings before US courts or tribunals. Additionally, the US Congress should require the disclosure to criminal defendants of complete information about the origins of the investigations in their cases, with special procedures as necessary to address classified information or information whose disclosure may jeopardize the safety of identifiable human informants…”

Tools for students.

Sunday, January 21, 2018

An example of poor “design for security?”
Here’s how Hawaii’s emergency alert design led to a false alarm
… AlertSense CTO Randy Grohs explained that there are essentially two paths to send an alert using the system. In one, an alert is created from scratch. The user of the software fills in information for the alert, like where it’s being sent, what the message says, and crucially, whether it’s a test or live alert.
But the company also lets software users create “templates” — options that fill in all of the information with one click. Templates can be created for both test and live alerts. (Hawaii has publicly said that the person who sent the false alarm chose an incorrect template option.)
Regardless of what’s selected, the user then has the opportunity to review the information before submitting the alert.
A pop-up box is the final step in sending the alert. The box has the same message, whether a live or test alert is sent: “Are you sure you want to send this Alert?”
… “If you don’t follow best practices, the difference between sending live and a demo can be configured to be a small difference,” Grohs says.

Useful arguments?
Federal appeals court orders DOJ to disclose surveillance documents
The US Court of Appeals for the Ninth Circuit [official website] on Thursday ordered [opinion, PDF] the Department of Justice (DOJ) [official website] to disclose two documents within an internal DOJ resource manual for federal prosecutors related to electronic surveillance and tracking devices in criminal investigations.
… The court ruled that the general methods for using technology to obtain information from suspects is publicly known investigative techniques, and thus are not covered under Exemption 7(E). The court found that the release of the information would also not allow wrongdoers to circumvent legitimate surveillance and the law. The court also found that only the portions of the documents that "present original legal analyses, not purely descriptive and not already incorporated in public documents, to guide federal prosecutors in litigation" can be withheld under Exemption 5. The court remanded to the district court to determine which portions of the documents meet the requirements for Exemption 5 and ordered the remainder of the documents be released.

Perspective. Facebook guides/leads/influences/rules the world?
The New York Times’ stock jumped following Facebook’s “trustworthy” news announcement
Shortly before markets closed yesterday, Facebook CEO Mark Zuckerberg posted that the social media company’s News Feed would prioritize news from sources that are “trustworthy, informative, and local.” Facebook users themselves will be responsible for determining what those are.
Immediately afterward, The New York Times’ stock shot up, ending the day up nearly 9 percent, according to data from FactSet. At $21.90, the paper’s stock price is the highest it’s been since before the recession. The New York Times has been riding high following the election of Donald Trump, hitting record growth in digital news subscriptions last year.
News Corp, which owns The Wall Street Journal and The New York Post, also saw its stock rise yesterday, as did FOX News owner 21st Century Fox. Those gains, however, were small in comparison to The New York Times.

Some ideas for my programming students?
Data mining is known as an interdisciplinary subfield of computer science and basically is a computing process of discovering patterns in large data sets. It is considered as an essential process where intelligent methods are applied in order to extract data patterns.

The archive of 3D sites is what interests me.
Geometry at Mount Rushmore - A Math Lesson
CyArk is an organization building an online library of 3D models of the world's cultural heritage sites. Mount Rushmore is one of the places that CyArk features in their galleries of 3D models. You can find the entire collection of places here.

Why GPS could reduce the murder rate…