Wednesday, April 06, 2016

No details, but an interesting admission if true.

Mossack Fonseca: we were hacked

On April 4, the Panamanian law firm at the center of a huge scandal issued a statement saying, among other things, that the media has misrepresented what they do, that everything they do is perfectly aboveboard, and they regret – but are not responsible for – any clients who may have misused their services despite their due diligence.
Yesterday, Reuters reported that the law firm announced that they were the victim of an external hack, and have filed a complaint with state prosecutors.
“We rule out an inside job.  This is not a leak.  This is a hack,” Fonseca, 63, said at the company’s headquarters in Panama City’s business district.  “We have a theory and we are following it,” he added, without elaborating.
“We have already made the relevant complaints to the Attorney General’s office, and there is a government institution studying the issue,” he added, flanked by two press advisers.
Read more on Reuters..


A depressing example of management inaction for my Computer Security students.

Hackers broke into hospitals despite software flaw warnings

Tami Abdollah reports:
The hackers who seriously disrupted operations at a large hospital chain recently and held some data hostage broke into a computer server left vulnerable despite urgent public warnings since at least 2007 that it needed to be fixed with a simple update, The Associated Press has learned.
The hackers exploited design flaws that had persisted on the MedStar Health Inc. network, according to a person familiar with the investigation who spoke on condition of anonymity because this person was not authorized to discuss the findings publicly.  The flaws were in a JBoss application server supported by Red Hat Inc. and other organizations, the person said.
Read more on Yahoo! 


So far, it does not look like a high priority effort.
Eric Markowitz reports:
The story of how the FBI finally tracked down notorious fugitive Lynn Cozart, using its brand-new, $1 billion facial recognition system, seems tailor-made to disarm even the staunchest of skeptics.
[…]
According to unreleased FBI data provided to IBT in February, the agency had, as of February, processed a total of 77,136 suspect photos and sent police 9,303 “likely candidates” since 2011.  The FBI would not comment on how many of those cases led to an arrest.
In many ways, the FBI’s biometric program is an extension of the modern-day surveillance technologies that are making average citizens increasingly uncomfortable.
Read more on IBT. 


Soon, everyone will be getting a visit from the FBI. 
Why WhatsApp's Encryption Embrace Is a Landmark Event
The news that Facebook’s WhatsApp now supports encryption across all its apps is nothing short of seismic.
   For privacy advocates, this marks an enormous victory that few would have predicted would come so soon after Snowden’s revelations.
The problem was this: Generally speaking, good end-to-end encryption, where users rather than service providers hold the keys, is a pain to use.  Most people don’t adopt technologies that aren’t easy to use.
Encrypted email has been around for decades, and once it is set up, it’s not that tricky.  But setting it up requires a degree of technical knowledge that most people do not have.
Recently, encrypted-messaging apps have made the process of protected communications much simpler.  However, none of them has the immense reach of WhatsApp, and security experts are suspicious of the quality of the technology in some of them, or the fact that some default (Telegram) or occasionally switch (iMessage) to non-encrypted modes.


The answer is clearly “yes,” so how do I invest? 
Meet Africa’s First Tech ‘Unicorn’ — Are More to Come?
While tech “unicorns” coming out of Silicon Valley are starting to sound like a dime a dozen, the first tech unicorn to come out of Africa, Africa Internet Group (AIG), is causing a stir.  Growing into a unicorn — a privately held technology company valued at $1 billion or more — is a significant milestone for AIG, says Wharton management professor David Hsu.
“It’s a highly visible, symbolic and substantive marker,” Hsu notes.  “It shows that there’s enough by way of demand, as well as a platform that [AIG] is able to put in place to justify that marker.”

No comments: