For the “How to Hack” guidebook my Ethical Hackers are assembling.
Along with tips on detection and mitigation...
How do hackers breach institutions like Canada's NRC?
Cyberattacks like the one against the National Research Council of Canada are
increasing around the world. But by knowing the steps hackers would
use for a sophisticated attack, security experts try to gain the
upper hand.
"Sometimes in breaches, companies call it a 'highly sophisticated cyberattack'
(as the Government of Canada's chief technology officer said in a
statement Tuesday) in order to make it seem like they were beaten by the
best," Geoffrey Vaughan, a security consultant with Security
Compass, told CTV News Channel.
"In this case, the fact they were able to observe the attack for up to a
month in advance probably suggests it was a serious, sophisticated
attack."
Vaughan, who is an ethical hacker, told CTVNews.ca the process is complicated,
but broke it down into six steps most hackers will use for more
sophisticated jobs.
(Related)
We collect these in the Appendices.
Boost Your Security Posture through Membership in an Industry Information
Sharing and Analysis Center (ISAC)
… On the belief that there is strength in numbers, many
organizations are joining an industry-specific Industry Sharing and
Analysis Center (ISAC) to confidentially share threat and mitigation
information with their peers within their own industry.
According to The National Council of ISACs, “ISACs are trusted entities
established by Critical
Infrastructure Key Resource (CI/KR) owners and operators to provide
comprehensive sector analysis, which is shared within the sector,
with other sectors, and with government.
Another report management should read?
Last week the Center for a New American Security (CNAS) released a new
report on cybersecurity authored by Richard Danzig titled “Surviving
on a Diet of Poisoned Fruit: Reducing the National Security Risks of
America’s Cyber Dependencies.”
…
Danzig outlines why and how cyber-vulnerabilities exist in a manner
that is approachable for newcomers to the field while offering deep
commentary for old hands. Highly recommended for anyone with an
interest in cyber policy. The report can be found at the CNAS’s
website here,
and the video of the panel is embedded below. The executive summary
is reproduced below the video.
You don't really invest time and money to make Netflix faster, you just
make everyone else slower.
Netflix Signs Streaming Deal With AT&T
Netflix has signed yet another peering deal, this time with AT&T. The
deal, which follows on from similar agreements with Comcast and
Verizon, means Netflix
will receive VIP treatment through the AT&T tubes. This is
good news for customers in the short term, but bad news for everyone
in the long term… less buffering now means the death of net
neutrality later.
The world, she is a-changing!
How the Internet of Things Changes Business Models
As the Internet of Things (IoT) spreads, the implications for business
model innovation are huge. Filling out well-known frameworks and
streamlining established business models won’t be enough. To take
advantage of new, cloud-based opportunities, today’s companies
will need to fundamentally rethink their orthodoxies about value
creation and value capture.
…
But in a connected world, products are no longer one-and-done.
Thanks to over-the-air updates, new features and functionality can be
pushed to the customer on a regular basis. The ability to track
products in use makes it possible to respond to customer behavior.
And of course, products can now be connected with other products,
leading to new analytics and new services for more effective
forecasting, process optimization, and customer service experiences.
…
In his classic book Competitive
Strategy, Michael Porter describes three generic strategies:
differentiation, cost leadership, and focus. For some industries,
those basic strategies still hold true today. But in industries that
are becoming connected, differentiation, cost, and focus are no
longer mutually exclusive; rather, they can be mutually reinforcing
in creating and capturing value. If your company is an incumbent
firm that built its kingdom through a traditional product-based
business model, be concerned as your competition and
disruption-minded start-ups take advantage of the IoT.
(Related)
Move, but move carefully!
70 Percent of IoT Devices Vulnerable to Cyberattacks: HP
A new study published by HP on Tuesday reveals that 70% of the most
popular Internet of Things (IoT) devices contain serious
vulnerabilities.
The company used its HP Fortify on Demand application security testing
service to check ten of the most commonly used IoT devices and their
cloud and mobile application components. The list includes TVs,
power outlets, webcams, smart hubs, home thermostats, sprinkler
controllers, home alarms, scales, garage door openers, and door
locks.
According to HP's report, "Internet of Things Security: State of the
Union", a total of 250 security holes have been found in the
tested IoT devices — on average, 25 per device. The issues are related to
privacy, insufficient authorization, lack of transport encryption,
inadequate software protection, and insecure Web interfaces.
For example, the study shows that 80%
of the tested devices, including their corresponding cloud and mobile
apps, raised privacy concerns regarding the collection of user data
such as names, email addresses, physical addresses, date of birth,
financial and health information.
Something for those idle law school students? Perhaps in collaboration with my
industrious geeks?
This is an exciting RFP:
The Berkeley Center for Law & Technology and Microsoft are
issuing this request for proposals (RFP) to fund scholarly inquiry to
examine the civil rights, human rights, security
and privacy issues that arise from recent initiatives to
release large datasets of government information to the public for
analysis and reuse. This research may help ground public policy
discussions and drive the development of a framework to avoid
potential abuses of this data while encouraging greater engagement
and innovation.
This RFP seeks to:
- Gain knowledge of the impact of the online release of large amounts of data generated by citizens’ interactions with government
- Imagine new possibilities for technical, legal, and regulatory interventions that avoid abuse
- Begin building a body of research that addresses these issues
Read the details and criteria on Berkeley Law. The proposal application
deadline is September 25th.
Microeconomics 101: The elasticity argument is true, but the “alternate goods”
argument is better.
Amazon Does E-Book Math For Hachette In Arguing For $9.99 Prices
After months of speculation and squabbling, Amazon.com
finally laid out its position in black and white in its dispute with
Hachette Book Group. In a
post on Tuesday to an Amazon Kindle forum, the Seattle company
said that its “key objective” was to lower e-book prices, noting
that there would be greater benefits for authors, the publisher,
customers and the online retailer if prices were cut by as much as
half.
…
“For every copy an e-book would sell at $14.99, it would sell 1.74
copies if priced at $9.99,” the company wrote. “So, for example,
if customers would buy 100,000 copies of a particular e-book at
$14.99, then customers would buy 174,000 copies of that same e-book
at $9.99. Total revenue at $14.99 would be $1,499,000. Total
revenue at $9.99 is $1,738,000.”
Citing e-books’ high price elasticity, Amazon went on to argue that
e-books aren’t simply competing with other books. Rather, they’re
competing with other forms of media engagement–from games to movies
to online news publications–that take up a potential reader’s
time.
(Related)
Competing for a large market.
Amazon to invest $2 billion in India, a day after Flipkart's $1 billion
funding
A day after Flipkart announced raising $1 billion in funds, e-commerce
giant Amazon on Wednesday said that it will invest an additional $2
billion in India to support its growth in the country.
"After our first year in business, the response from customers and small and
medium-sized businesses in India has far surpassed our expectations,"
said Jeff Bezos, founder and CEO of Amazon.com.
"We see huge potential in the Indian
economy and for the growth of e-commerce in India.
Another “competition” story. (Is this why Rupert Murdoch wanted Time
Warner?)
FCC chairman calls out Time Warner over Dodgers TV impasse
The Federal Communications Commission is not happy with Time Warner Cable about the
Dodgers TV situation.
In a blistering letter to Time Warner Cable Chief Executive Rob Marcus,
FCC Chairman Tom Wheeler criticized the company for its inability to
reach agreements with other area pay-TV distributors for SportsNet
LA, the new Dodgers-owned channel.
"I am writing to express my strong concern about how your actions appear
to have created the inability of consumers in the Los Angeles area to
watch televised games of the Los Angeles Dodgers," Wheeler
wrote. "The FCC will continue to monitor this dispute closely
and will intervene as appropriately necessary to bring relief to
consumers."
Somehow I think this is wishful thinking.
As Sanctions Pile Up, Russians’ Alarm Grows Over Putin's Tactics
Russia, facing the toughest round of Western sanctions imposed since the
Ukraine crisis erupted, has adopted a nonchalant public stance, with
President Vladimir V. Putin emphasizing the importance of
self-reliance and a new poll released Tuesday indicating a “What,
me worry?” attitude among the bulk of the population.
But beneath that calm facade, there is growing alarm in Russia that the
festering turmoil in Ukraine and the new round of far more punitive
sanctions — announced Tuesday by both European nations and the
United States — will have an impact on Russia’s relations with
the West for years to come and damage the economy to the extent that
ordinary Russians feel it.
The future belongs to Twits?
Twitter Reveals Its Master Plan For Growing As Big As Facebook
…
For months, Twitter has been struggling with the perhaps
unreasonable expectation of investors that its growth curve resemble
that of Facebook.
This is a significant problem, as its acquisition of monthly active
users has been slowing
down, meaning it could be decades, not years, before it accrues
the 1.3 billion Facebook has now.
Costolo’s solution is to tell everyone we’ve been counting wrong. The 271
million MAUs Twitter announced
today (itself marking a comfortable jump of 16 million from the
previous quarter’s mark) only comprise one segment of Twitter’s
audience.
Because no music existed before 1960?
–
is your way to be taken back to a previous year and listen to the
music for that year. The music comes from YouTube, and covers the
period from 1960 to 2013. Just choose your year, and the page
will fill up with YouTube videos for the music for you to play.
I find this interesting. Since movie theaters are now digital, you
could download and screen any movie at any time. Perhaps libraries
will add theater rooms. How expensive could old movies be? Perhaps
a student “Movie Club?”
–
is a site where you can attend screenings others have created, or
create and share your own screenings. So if you missed the
latest blockbuster, only love the classics, need to organise a party
or have just made your first feature, this is the place for you.
Pick your film. Choose your cinema. Select your date and time.
Invite your friends. If enough people book tickets, your screening
happens.
High-heeled roller skates. (From a discussion with my students.)
Acton RocketSkates