That's
why I have my Ethical Hacking students hack my lawyer's car. (As
always, using the server we hacked in North Korea)
Kyle
Wiens writes:
Cars, especially, have a profound legacy of tinkering. Hobbyists
have always modded them, rearranged their guts, and reframed their
exteriors. Which is why it’s mind-boggling to me that the
Electronic Frontier Foundation (EFF) just
had to ask permission from the Copyright Office for tinkerers to
modify and repair their own cars.
“Two of EFF’s requests this year are on behalf of people who need
to access the software in cars so they can do basic things like
repair, modify, and test the security of their vehicles,” says Kit
Walsh of the EFF. “Because Section 1201 of the DMCA prohibits
unlocking ‘access controls’—also known as digital rights
management (DRM)—on the software, car companies can threaten anyone
who needs to get around those restrictions, no matter how legitimate
the reason.”
Read
more on Wired.
A
false reading could result in an attempt to pump 2,000 gallons of
fuel into a tank that's only down 1,000 gallons. How quickly could
they stop the pumps?
US
Gas Stations Exposed to Cyberattacks: Researchers
Malicious
actors could theoretically shut down more than 5,300 gas stations in
the United States because the automatic tank gauges (ATGs) used to
monitor fuel tanks are easily accessible via the Internet.
ATGs
are electronic devices that monitor fuel level, temperature, and
other parameters in a tank. The devices alert operators in case
there is a problem with the tank, such as a fuel leak.
…
“Many
ATGs can be programmed and monitored through a built-in serial port,
a plug-in serial port, a fax/modem, or a TCP/IP circuit board. In
order to monitor these systems remotely, many operators use a TCP/IP
card or a third-party serial port server to map the ATG serial
interface to an internet-facing TCP port. The most common
configuration is to map these to TCP port 10001,” Rapid7’s HD
Moore noted in a blog
post.
…
Kachoolie
provides a service that allows users to test if their tank
gauges are secure.
If
you have nothing to hide, you will be happy to reveal all of your
proprietary functions?
Apple
agrees to China’s security checks on iPhones
Apple has agreed to China's demand of carrying out security checks on
its products, including iPhone, the country's cyber security
regulator has announced. The decision makes Apple the first foreign
company to accept its proposal on security checks, Cyberspace
Administration of China, said.
The
move is significant because other US companies including Google and
Facebook have earlier refused to undergo security checks. "These
firms have had to leave the Chinese market because of their refusals
to comply," State media said.
I
have multi-tools in my glove box and my toolkit. You probably should
skip this if you fly. I wouldn't want to be tackled by the TSA as I
go through security.
The
wearable tool, the new Leatherman Tread
…
“The idea originated on a trip to Disneyland with my family,”
said President Ben Rivera. “I was stopped at the gate by security
for carrying a knife, when what they had actually seen was my
Skeletool. I was unwilling to give it up, so they made me take it
all the way back to my hotel room. I knew there had to be another
way to carry my tools with me that would be accepted by security.”
When he returned from his trip, Rivera, who began his tenure at
Leatherman Tool Group 24 years ago as an engineer, began by wearing a
bike chain bracelet to see how it would feel. As his thoughts took
shape, he brought his idea to the engineers at Leatherman who helped
fast track his plans.
…
The Tread bracelet began taking shape. Each complex link was metal
injection molded for strength and intensity. The bracelet was
crafted to be fully customizable with slotted fasteners, so the user
could rearrange links, add new ones, or adjust for wrist size to ¼”.
Even the clasp is functional with a bottle
opener [Mmm,
beer! Bob] and #2 square drive. Other link tools include
a cutting hook, hex drives, screwdrivers, box wrenches, and a carbide
glass breaker.
Your
“digital estate?” Personally, I have a plan to live forever.
(So far, it's working)
Everybody
Dies: What is Your Digital Legacy?
Alethea
Lange – CDT – “What happens to your email when you die?
For most people this hopefully isn’t an urgent question, but a few
high profile cases
have made it an issue
for lawmakers and judges around the world. You might think that your
family could show up with a death certificate and/or a court order
and get access to your digital content, but it’s not that
straightforward. The federal Electronic Communications Privacy Act
(ECPA) governs what types of information cloud service providers like
Google and Yahoo! can disclose and under what circumstances — and
it doesn’t account for
death. Companies are inclined to point to their terms of
service to decide when and how to provide access to accounts, but
this is often decided on a case-by-case basis. This has left a
confusing and delicate gap in the law that competing entities are
rushing to fill. It’s easy to forget the amount of administrative
work we conduct in online accounts —many of us only receive
electronic statements and bills— and one of the tasks facing
grieving families and friends is to close and settle accounts for
their deceased love ones. This is challenging without access to
email or other digital accounts where statements and other
notifications are commonly sent. Additionally, years of family
memories can be stored in a password-protected account, often through
cloud services. The combination of sentimental and practical reasons
to give access, and the serious privacy concerns implicated in doing
so, has made this a hot button issue. Several states have already
introduced legislation, and we expect to see more this legislative
session. Currently, anyone
can write their will to include instructions for the dispensation of
online accounts in whatever way they wish. ECPA does not
prevent account holders from granting access to their own accounts by
sharing passwords or other security details. (Pro-tip: Don’t put
your passwords in your will because that document will become part of
the public record. Instead, leave instructions for where to find a
list of passwords to chosen accounts.) This is a good solution —
it allows individuals to express their wishes, gives clarity to tech
companies, and doesn’t require anyone to look at the U.S
Code. However, only
45 percent of Americans have a valid will at death,
and far fewer specifically address access to digital accounts,
leaving many personal representatives with uncertain fiduciary
duties.”
Entertaining
with “education”
Hack
Education Weekly News
…
A
new law in Illinois
would require students hand over their social
media passwords to
schools if the school has reason to believe that their social media
accounts have evidence she or he violated a school policy. Even
if it’s posted at home, after school hours. Remind me again
how the federal government is going to protect student privacy again?
For
my Math students (with iPad)
…
with the introduction of a completely redesigned app for the iPad —
now, everything that lives
on the site is also available to iPad users. That
includes some 150,000 learning exercises, content that product
director Matt Wahl said was "where the majority of people spend
their time on Khan Academy today."
Just
a tip for my Data Analytics students. Learn to program in “R”
or SAS or SPSS (not free)
Microsoft
Buying Revolution Analytics For Deeper Data Analysis
Microsoft
announced Friday that is will close a gap in its data-analysis
portfolio by acquiring Revolution Analytics, an eight-year-old vendor
that has developed a commercially supported enterprise platform
around the open-source R statistical- and predictive-analysis
language.
"We're
making this acquisition to help more companies use the power of R and
data science to unlock big data insights with advanced analytics,"
wrote Microsoft's Joseph Sirosh, corporate vice president, machine
learning, in
a blog post on Jan. 23.
SAS
is the marketshare leader in advanced analytics, followed by IBM,
which acquired SPSS in 2009 in order catch up in that arena.
Note:
Sharing data is easy, if you want to share data. Implications for
e-Discovery?
How
Chicago Solved Its Open Data Dilemma
How
Chicago Solved Its Open Data Dilemma, Loraine Lawson – “In
New
York City, obtaining a public data set required an open records
request and the researcher toting in a hard drive. So grab a
notepad, Big Apple, and let the Windy City show you how to do open
data. A recent GCN
article describes how Chicago simplified the release and updating of
open data by building an OpenData ETL Utility Kit. Before the
kit, the process was onerous. Open data sets required manual updates
made mostly with custom-written Java code. That data updating
process is now automated with the OpenData ETL Utility Kit.
Pentaho’s Data Integration ETL tool is embedded into the kit, along
with pre-built and custom components that can process Big Data sets,
GCN reports. “What’s different now is we have a framework that
can be easily used by a lot of people,” Tom Schenk, the city’s
chief data officer, told GCN. “I could also give that tool to a
number of users around the city of Chicago and they’d to be able to
program ETLs that are going be easier for them to understand, easier
for them to create. It allows us to be more nimble.” In a
particularly compelling use case, the city tapped into an application
programming interface (API) that monitors water quality at Lake
Michigan beaches and used the ETL to push out information hourly. If
you’re curious
about the OpenData ETL Utility Kit — and I’m looking at you,
New York City — you can download it from github.”
I'll
ask my students. Is this important?
Download
your WhatsApp Contacts
You
can now use the WhatsApp messenger on your Mac or Windows PC provided
you have the WhatsApp app running on a mobile phone that is not an
iPhone. Go to web.whatsapp.com on your desktop, scan the QR code on
the screen with WhatsApp on your phone and you can instantly send or
receive messages to any of your WhatsApp contacts from the computer.
Think
of this as a live link rather than a dead citation.
Try
Citebite for Linkly Directly to Quotes from the Web
Cite
Bite is a simple tool for creating a direct link to a passage of
text on a webpage. It's a simple process to create a direct link to
a quote using Cite Bite. To use the service just copy and paste the
chunk of text you want to share into Cite Bite. Then copy and paste
the url of the source into Cite Bite. Cite Bite then creates a url
that you can share with others to send
them directly to the quote you want them to read.
Applications
for Education
Cite
Bite could be a handy little tool for those times when you want
all of the students in your classroom to read and discuss a passage
from an online article. While you could probably accomplish the same
thing by just posting the source link on your classroom blog, the
benefit of Cite Bite is that it will automatically highlight and
direct students to the passage you want them to discuss.
'cause
this is important! (No iPhone App? What are they, a bunch of Commie
Pinkos?)
How
to watch the Super Bowl on your Android phone or tablet
…
Fortunately, you can stream the game live right from your Android
tablet or phone. NBC will live stream the game, and you shouldn't
even have to log in or provide any sort of pay TV credentials. The
network will even stream the halftime show this year. It will stream
ads too, though they won't necessarily be the same ads that air on
broadcast TV.
On
tablet, you'll want to pick up the NBC
Sports Live Extra app.
If
you have Verizon, you'll want to grab the NFL
Mobile app.
Don't
have Verizon? Well, NBC will stream the game on its NFL
Sports Live Extra website, too. You can always try firing up
your web browser on your phone and going there, but there's no
guarantee it'll work.