Tuesday, June 23, 2015


Not exactly counter-propaganda, but then I don't think we know how to do that very well.
Europe’s top cops fight ISIS on social media
… Starting next week, a unit of the European police agency Europol will plan to remove social media accounts belonging to members of the Islamic State in Iraq and Syria (ISIS) within two hours of detecting them.
The unit will be working with various unnamed social media sites, Europol Director Rob Wainwright told the Guardian this weekend, to “identify the ringleaders online” and keep tabs on who they are targeting for new recruits.
… The move is a sign of officials’ recognition that ISIS has had a tremendous ability to gather recruits internationally and inspire people around the globe to launch attacks against their home country.
… According to analysis from the Brookings Institution, there are at least 46,000 Twitter accounts associated with ISIS supporters.




Another article for my IT Governance and Risk Management class. We need a strategy...
Cybersecurity Has a Leadership Problem: Study
RAND didn't pull any punches in its 162-page report, The Defender's Dilemma, noting that defenders responsible for protecting corporate and personal data are unprepared, overwhelmed, and unsupported.
Researchers interviewed CISOs, reviewed existing technologies, and assessed the challenges behind making secure software in order to create the economic models, which make up the report, recently released by Juniper Networks.
Another common sense element found that people-centric investments, such as technologies to automate security management, advanced security training for employees, and hiring security staff led to greater cost-savings down the road. Organizations with high levels of security diligence curbed costs of managing security by 19 percent in the first year, and 28 percent by the tenth year compared to organizations with low diligence, RAND found in its survey.




A simple extension of biometrics. I wonder how far Facebook and others will wander down this road?
Facebook Is Now Able To Recognize You Without Even Seeing Your Face
… Facebook’s artificial intelligence team is testing out an algorithm that can recognize people in photos even if they are not looking at the camera.
According to New Scientist, the algorithm is able to identify people by reviewing hairdos, clothing, postures and body shapes. Facebook’s head of artificial intelligence Yann LeCun used CEO Mark Zuckerberg as an example of how the algorithm recognizes fashion preferences since he is known for always wearing a gray T-shirt.
… As of right now, the experimental algorithm is able to identify people with 83% accuracy.




Another government agency looking to hide behind “Management Theater?” (If you don't know how to solve a problem, do something that sounds good then keep shuffling the deck.)
FAA Refuses to Release Key Documents
The Federal Aviation Administration is refusing to release key documents that would support the agency’s claim that its controversial Biographical Questionnaire or BQ is valid. The BQ is a personality test that all FAA air traffic control applicants must pass in order to be considered for a job with the FAA. A FOX Business Network investigative report, “Trouble In the Skies”, first exposed internal FAA documents which discredited the BQ on May 20, 2015.
The report also made public recordings of FAA employees offering to help air traffic control candidates cheat on the 2014 BQ.
… Failing scores on the BQ disqualified 3000 students from FAA Collegiate Training Initiative Schools, a program created by the FAA to prepare future air traffic controllers, from obtaining jobs with the agency. Those 3000 students had previously been considered “well qualified” by the FAA after earning the highest scores on an exam used by the FAA to test an applicant’s cognitive ability.
… The FAA discarded the BQ in 2015 and used a new version of the test also created by APT Metrics. The FAA refuses to say why the first version of the BQ was thrown out if it had been validated.


(Related) An example of Security Theater.
Tim Cushing writes:
Concerns over pervasive surveillance are often shrugged off with “ends justify the means” rationalizing. If it’s effective, it must be worth doing. But as more information on domestic surveillance programs surfaces, we’re finding out that not only are they intrusive, but they’re also mostly useless.
TrapWire — software produced by Stratfor and used by security and law enforcement agencies around the world — utilizes facial and pattern recognition technology to analyze CCTV footage for “pre-attack patterns,” meshing this information with other law enforcement databases, including online submissions from citizens reporting “suspicious behavior.”
Read more on TechDirt.




You gotta love it. I wonder how much of the government Google could replace? Probably almost as much as they influence with their political contributions.
Senators to feds: 'Just Google it'
Senators want to eliminate an agency tucked within the Commerce Department, suggesting that the Internet has made it obsolete.
Republican Sens. Mark Kirk (Ill.), Kelly Ayotte (N.H.), Tom Cotton (Ark.) and David Perdue (Ga.) introduced the Just Google It Act on Monday, which would eliminate the National Technical Information Service (NTIS).
… The senators pointed to a 2014 Government Accountability Office (GAO) report which found that a majority of documents added to the NTIS collection over the past twenty years could be found somewhere else, with most of those available for free online.
… The senators' proposal isn't the first time the agency has come under congressional fire.
Sen. Claire McCaskill (D-Mo.) and then-Sen. Tom Coburn (R-Okla.) introduced a similar proposal last year, the Let Me Google That For You Act.




For my Computer Security students.
Free recorded webinar on Pluralsight: Why SQL Injection Remains the #1 Web Security Risk Today
A couple of weeks ago I did a free webinar on Pluralsight titled Why SQL Injection Remains the #1 Web Security Risk Today (and what you should know about it). This is a rather self-explanatory title and it’s completely true – SQL injection remains a big thing and we keep getting it wrong. Like an example? Only 8 months ago, Drupal had a major vulnerability in their product. If you’re not already familiar with Drupal, it allegedly powers 2.1% of the world’s websites… including WhiteHouse.gov. But here’s the really scary bit from their announcement:
You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.




Another one for my toolkit.
How to Transcribe Video Files to Text with YouTube




A way to gather my handouts?
Book Creator for Windows - Create Multimedia eBooks
Book Creator has long been a popular iPad and Android app for creating multimedia ebooks. Today, the developers of Book Creator released a Windows version of the app.
Book Creator for Windows (Windows 8.1 or higher required) allows anyone to create his or her own ebooks using images, text, videos, and audio recordings. You can arrange your book in three different formats: portrait, square, or landscape. Each page in your book can include pictures and videos. In addition to the pictures and videos you can include as much text as you can fit on each page. In fact, if you just want to have text on a page you can do that. If you would like to narrate your book you can tap the record button to add your voice to each page of your book. Every page in your book can have a custom color scheme.
Book Creator can be a fantastic tool for students to use to create short stories or to create longer research papers that include multimedia elements. [Now that is a nasty idea. I like it! Bob]




Dilbert on strategy.

