Bruce
(once again) raises some interesting questions. I doubt politicians
care about the answers.
We
Still Don't Know Who Hacked Sony
Welcome
to a world where it's impossible to tell the difference between
random hackers and national governments.
If
anything should disturb you about the Sony
hacking incidents and subsequent denial-of-service
attack against North Korea, it’s that we still don’t know
who’s behind any of it. The FBI said
in December that North Korea attacked Sony. I
and
others
have serious doubts. There’s countervailing evidence to suggest
that the culprit may have been a Sony
insider or perhaps Russian
nationals.
No
one has admitted taking down North Korea’s Internet. It could have
been an act
of retaliation by the U.S. government, but it could just as well
have been an ordinary
DDoS attack. The follow-on attack
against Sony PlayStation definitely seems to be the work
of hackers
unaffiliated with a government.
…
When it’s possible to identify the origins of cyberattacks—like
forensic experts were able to do with many of the Chinese
attacks
against U.S. networks—it’s as a result of months of detailed
analysis and investigation. That kind of time frame doesn’t help
at the moment of attack, when you have to decide within milliseconds
how your network is going to react and within days how your country
is going to react. This, in part, explains the relative
disarray
within the Obama administration over what to do about North Korea.
Officials in the U.S.
government and international institutions simply don’t have the
legal or even the conceptual framework
to deal with these types of scenarios.
…
It’s a strange future we live in when we can’t tell the
difference between random hackers and major governments, or when
those same random hackers can credibly threaten international
military organizations.
Do
they all have lousy security?
There’s
someone else I need to follow, as he/they seems to be hacking a
number of universities and colleges.
In a
post on Pastebin yesterday, @MarxistAttorney (web
site) claimed a number of hacks, including, California
State University, University
of Kentucky, University
of Connecticut, University
of Maryland, Coastal
Carolina University, and
Abertay University.
For
each entity, there is a data dump for proof of claim; other data
dumps are linked from his web site. DataBreaches.net is not linking
to the individual data dumps, but has reached out to each of the
universities mentioned above to ask them if they will confirm or deny
that they have been hacked and that those are their data. The
University of Kentucky has already acknowledged our inquiry and
states that they are investigating the claimed hack.
This
post will be updated as more information or responses become
available, but in a quick attempt to verify the claims,
DataBreaches.net found that one of the data dumps that had been
labeled California State University had originally been posted
elsewhere as a hack of the San
Diego Zoo with attribution to “Paw
Security(@PawSecReturns) #Op4Pawz.”
Google
searches of strings in some other dumps did not locate any duplicates
or previous postings.
Does
“Attorney” have a gripe against U. of Maryland that contributed
to it being targeted? Perhaps, as this tweet suggests:
You should've accepted me into your university #Carbonic
http://carbonic.in/dumps/umd.txt
@UofMaryland
Update:
In response to this site’s inquiry, “Attorney” emailed
the following statement and posted a copy of it on Pastebin:
Greetz to @TeamCarbonic.
In response to this –
http://www.databreaches.net/universities-hacked-data-dumped-by-marxistattorney/?utm_medium=twitter&utm_campaign=fk7h35y573m&utm_source=twitterfeed
I targeted universities for the sole pleasure of the “lulz” that
came out of this. It is true, I have thousands upon thousands of
logins, employee ids, and various other sensitive information
regarding the universities. What I intend to do with this data is
publicize it to undermine the idiots at the IT Team.
Regards,
Attorney
Attorney
Apart
from an initial response from U. of Kentucky saying that they were
looking into things, DataBreaches.net has received no responses yet
to the inquiries it sent to the universities asking them to confirm
or deny they were hacked.
This
might be a good time to remind everyone that no
federal agency has really taken any point or serious interest in
investigating data breaches in the education sector. The FTC claims
it does not have authority over non-profits under Section 5 of the
FTC Act. They have not responded substantively to this
blogger’s analysis and EPIC’s analysis that the FTC does have
authority under the Safeguards Rule if financial information is
involved.
The
“Internet of Things” facilitates yet another surveillance tool
that car owners might like? As “Things” get “smarter” you
will find your life “guided” by software.
GM
uses OnStar 4G LTE – not a crystal ball – to predict breakdowns
before they happen
…
Here’s how GM describes the system: “Data is sent to OnStar’s
secure servers and proprietary algorithms are applied to assess
whether certain conditions could impact vehicle performance. When
indicated, notifications are sent to the customer via email, text
message, in-vehicle alerts or through the OnStar RemoteLink
smartphone app.”
…
Essentially, this means GM has figured out what symptoms various
components demonstrate before they fail and has its servers watching
out for them. When they’re detected, you’re notified before the
battery, starter, or fuel pump kick the bucket.
Though
the system will only work on those three components and on those
specific vehicles at first, GM will be rolling the prognostic
capabilities into its full 2016 line throughout the year.
(Related)
We're becoming more “thingie” (thingy?)
International
CES: The Internet of Things Takes Center Stage
… The new devices at the event, which opens to the news media on
Monday and to the public on Tuesday, will include a Wi-Fi-connected
ceiling fan controlled by a Nest Learning Thermostat, and automated
door locks, light switches and LED bulbs. Under
Armour, the sports apparel company that has experimented with
smart
sports clothing, will exhibit at CES, as will the Girl Scouts of
America, which is introducing a new digital app.
…
In some cases, companies have joined in head-scratching
collaborations, building devices that do not show an obvious need for
an Internet connection, but that may find consumer interest anyway.
For example, two separate wristbands on display — the Reemo
and the Myo
— will let their wearers control video games, phones and connected
devices in the home using arm waves and gestures.
Other
devices are targeting a niche consumer base. Tagg’s GPS-enabled pet
trackers can report your pet’s location and the temperature
there. Connected workout clothing from Hexoskin
will let trainers monitor athletes from afar — even from different
countries.
The
new Madison Avenue? Do you have at least X followers on social
media? Is it possible you like/use/need our product? Let us pay you
ridiculous amounts of money to keep doing what you are doing but with
our ads pasted on top.
Lady
Gaga Has Turned Her Instagram Selfies Into Ads For A Japanese Beauty
Brand
Lady
Gaga has taken 50 selfies that will act as the centerpiece for the
Japanese beauty brand Shiseido's ad campaign during one of Japan's
busiest shopping periods.
The
pop star, infamous for her Instagram selfies, has become the face —
and the photographer — of Shiseido’s 2015 New Year’s campaign,
according
to WWD.
A
Lady Gaga Shiseido ad appeared in numerous Japanese national and
regional newspapers over the New Year's period. Forty-six were
published on New Year's Day, with the remaining four pushed out
Friday.
…
Making the activity all the more interesting is that Gaga has failed
to mention the selfies are part of a marketing push, or any
affiliation with Shiseido. If anyone were to complain about the lack
of signposting, Gaga and Shiseido could incur the wrath of
advertising regulators.
Perspective.
Google
Was Asked To Delete 345 Million Links In 2014 Over Copyright
Infringement
Google
is getting asked to remove more and more links over copyright issues,
with requests up 75% year-over-year.
Torrent
Freak has compiled all of Google's weekly transparency reports
into one study that looks at the whole of 2014.
…
It's important to note that Google isn't hosting the
copyright-infringing material. Rather, publishers are asking Google
to remove search links to that material.
Copyright
holders contact Google and ask the company to hide links to websites
containing content posted illegally. The biggest sites that rights
holders complained about in 2014 were 4shared, Rapidgator, and
Uploaded, all well-known places to illegally download music and
movies.
Where
to put your advertising dollars? If you rely on this infographic,
you're doing it all wrong!
Want
To Buy Some Ads? Should You Go Facebook or Google?
You’ll
need to make this decision based on the needs
of your business, but we’ve found a handy infographic that
breaks down some key differences between the two. It will push you
in the right direction and help you make an educated decision.
Via
Wishpond
One
for the toolkit.
Jing
- A free tool to capture Images & Video
I
have long been a fan of Jing,
TechSmith’s
free screen capture software. It’s a fast and easy way to grab a
quick screenshot or record a video on the fly. Recently, TechSmith
upgraded Jing to include a FREE membership to Screencast.com;
you now get 2GB of free storage and 2GB of bandwidth per month.
Screencast.com allows you to safely upload and store video as well as
images, to control who views your content, to download media in a
variety of formats, and to share content in a myriad of ways.
After
downloading and installing Jing (available for Mac
and PC),
create your free Screencast.com account.
No comments:
Post a Comment