Thursday, January 14, 2021

A summary for my Computer Security students.

https://www.csoonline.com/article/3602790/17-types-of-trojans-and-how-to-defend-against-them.html#tk.rss_all

17 types of Trojans and how to defend against them

Trojan malware comes in many different types, but all require a user action to initiate.





Why is government so bad at projects like these? "A billion here, a billion there, and pretty soon you're talking real money."

https://www.bloomberg.com/news/articles/2021-01-13/pentagon-s-2-billion-cybersecurity-project-slowed-by-flaws

Pentagon’s $2 Billion Cybersecurity Project Slowed by Flaws

The Defense Department has halted deployment on its classified networks of a $2 billion cybersecurity project intended to detect intrusions and prevent attacks because of poor test results, according to the Pentagon’s testing office.

The effort to consolidate hundreds of U.S.-based and global systems continues to be fielded to non-classified networks even though test assessments since 2016 have continually shown it’s “unable to help network defenders protect DoD component networks against operationally realistic cyber attacks,” testing chief Robert Behler wrote in his latest criticism of the project known as the Joint Regional Security Stack.





Curious. Is this where the ‘Trump gang’ stayed during their visit to the Capital?

https://www.cnbc.com/2021/01/13/airbnb-cancels-dc-reservations-during-inauguration-week.html

Airbnb canceling and blocking DC reservations during inauguration week

Airbnb is canceling and blocking future reservations in the Washington, D.C., metro area during the week of President-elect Joe Biden’s inauguration, the company said Wednesday.

Guests who had reserved a place will be refunded in full, Airbnb said. It will also reimburse the hosts with the money that would have been earned from the canceled reservations.





Someone is watching but do enough people care?

https://www.pogowasright.org/epic-urges-dhs-to-suspend-new-counterintelligence-records-system/

EPIC urges DHS to Suspend New Counterintelligence Records System

From EPIC.org:

EPIC submitted comments to the Department of Homeland Security in response to a system of records notice and proposed exemptions from Privacy Act requirements for a new counterintelligence records system. DHS’s proposed records system would permit nearly limitless collection of sensitive personal information and unchecked disclosure of that information to state, local and international agencies, and to private companies. DHS’s proposed exemptions would eliminate all individual rights under the Privacy Act and exempt DHS from basic Privacy Act requirements, including limiting data collection to necessary information. EPIC recently insisted that DHS rescind a proposed expansion of the use of biometrics, including facial recognition, across the agency.





What can be done, will be done. (We can, therefore we must)

https://thenextweb.com/neural/2021/01/13/surveillance-group-exposes-disturbing-huawei-patent-for-ai-powered-uighur-detection/

Surveillance group exposes disturbing Huawei patent for AI-powered Uighur detection

A Huawei patent that mentions AI-powered identification of Uighur people and other ethnic groups has been discovered.

The patent was exposed by video surveillance research group IPVM, the same organization that had previously spotted references to an AI “Uighur alarm” on Huawei’s website, as well as evidence that Alibaba had offered “Uighur-detection-as-a-service.”

IPVM also recently found 12 government projects from the last few years that mandate Uighur analytics across the country. These show that the persecution of the Muslim minority group spreads way beyond the Xinjiang Uighur Autonomous Region in north-western China.





Better. Is there a ‘best?’

https://www.makeuseof.com/ring-end-to-end-encryption/

Ring Doorbells Now Support End-to-End Encryption

From a privacy standpoint, end-to-end encryption is a massive step forward.

Perhaps most importantly, Ring will not be able to hand over footage to law officials, should they come calling.

By default, Ring already encrypts videos when they are uploaded to the cloud (in transit) and stored on Ring’s servers (at rest). With End-to-End Encryption, customer videos are further secured with an additional lock, which can only be unlocked by a key that is stored on the customer’s enrolled mobile device, designed so that only the customer can decrypt and view recordings on their enrolled device.





This is a can of worms we have to deal with. I’m not sure this is the entire solution.

https://www.bespacific.com/how-to-hold-social-media-accountable-for-undermining-democracy/

How to Hold Social Media Accountable for Undermining Democracy

Harvard Business Review: “The problem with social media isn’t just what users post — it’s what the platforms decide to do with that content. Far from being neutral, social media companies are constantly making decisions about which content to amplify, elevate, and suggest to other users. Given their business model, which promotes scale above all, they’ve often actively amplified extreme, divisive content — including dangerous conspiracy theories and misinformation. It’s time for regulators to step in. A good place to start would be clarifying who should benefit from Section 230 of the Communications Decency Act, which has been vastly over-interpreted to provide blanket immunity to all internet companies — or “internet intermediaries” — for any third-party content they host. Specifically, it’s time to redefine what an “internet intermediary” means and create a more accurate category to reflect what these companies truly are, such as “digital curators” whose algorithms decide what content to boost, what to amplify, how to curate our content…”



(Related)

https://www.theguardian.com/world/2021/jan/14/poland-plans-to-make-censoring-of-social-media-accounts

Poland plans to make censoring of social media accounts illegal

“Algorithms or the owners of corporate giants should not decide which views are right and which are not,” wrote the prime minister, Mateusz Morawiecki, on Facebook earlier this week, without directly mentioning Trump. “There can be no consent to censorship.”

Morawiecki indirectly compared social media companies taking decisions to remove accounts with Poland’s experience during the communist era.

“Censorship of free speech, which is the domain of totalitarian and authoritarian regimes, is now returning in the form of a new, commercial mechanism to combat those who think differently,” he wrote.



(Related)

https://www.washingtonpost.com/technology/2021/01/13/twitter-trump-ban/

Twitter CEO Jack Dorsey said the Trump ban reflected ‘a failure’ to police online discourse



(Related)

https://www.axios.com/google-capitol-siege-political-ads-46b7df29-24f4-4170-9260-ef8245942a95.html

Scoop: Google pausing all political ads following Capitol siege

Google informed its advertising partners Wednesday that beginning Jan. 14, its platforms will block all political ads, as well as any related to the Capitol insurrection, "following the unprecedented events of the past week and ahead of the upcoming presidential inauguration," according to an email obtained by Axios.





The world has changed.

https://sloanreview.mit.edu/article/the-future-of-work-is-through-workforce-ecosystems/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+mitsmr+%28MIT+Sloan+Management+Review%29

The Future of Work Is Through Workforce Ecosystems

Seventy-five percent of respondents to our 2020 global survey of 5,118 managers now view their workforces in terms of both employees and non-employees. Growth in the variety, number, and importance of different types of work arrangements has become a critical factor in how work gets done in (and for) the enterprise.

We see many companies experimenting with ways to manage all types of workers in an integrated fashion. Several novel management practices have emerged across the business landscape. Even so, few — if any — best practices exist for dealing strategically and operationally with this distributed, diverse workforce that crosses internal and external boundaries. Executives seeking an integrated approach to managing an unintegrated workforce are left wanting.

We contend that the best way to conceptualize and address these shifts and related practices is through the lens of workforce ecosystems. We define workforce ecosystem as a structure that consists of interdependent actors, from within the organization and beyond, working to pursue both individual and collective goals.





Perspective.

https://fortune.com/2021/01/13/cryptocurrency-bitcoin-visa-anchorage-federal-bank-charter/

In a first for the crypto industry, Visa-backed Anchorage gets a federal bank charter

A startup called Anchorage announced on Wednesday that it has become the first cryptocurrency company to receive a federal charter from the Office of the Comptroller of the Currency.

Wonky and technical as it sounds, the news is a significant milestone for the burgeoning crypto industry, since it provides a legal green light for big banks and other traditional financial companies to use Anchorage as a means to offer Bitcoin and other digital currencies to their customers.


