Sunday, July 17, 2016

Trivial as such things go, but highly visible!
Oh No! Pokémon GO Servers Down From Poodle Corp DDOS Attack
   Hacker group PoodleCorp announced on Twitter today that they were responsible for this Tangela tragedy via a DDoS attack.
The hacker group tweeted, “PokemonGo #Offline #PoodleCorp”.  Pokémon trainers around the world demanded to know why PoodleCorp would be so cruel.
   Ofer Gayer, product manager for DDoS at Imperva for the Incapsula product line noted that online games such as Pokémon GO are subject to latency and availability issues and therefore are ideal targets for DDoS attacks.  A DDoS is an attempt to make an online service unavailable by overwhelming it with traffic from multiple attack points and devices.
   This hack, combined with the fact that Pokémon GO was just released in an additional twenty-six countries, crashed Nintendo servers hard,


One way around the Microsoft ruling.  Moving to a world government?  Moving to a world of Big Brother? 
U.S. to Allow Foreigners to Serve Warrants on U.S. Internet Firms
The Obama administration is working on a series of agreements with foreign governments that would allow them for the first time to serve U.S. technology companies with warrants for email searches and wiretaps—a move that is already stirring debates over privacy, security, crime and terrorism.
   Word of the plans came one day after a federal appeals court ruled that federal warrants couldn’t be used to search data held overseas by Microsoft Corp. , dealing the agency a major legal defeat.
The court’s decision in favor of Microsoft could prove to be a major barrier to the Obama administration’s proposed new rules to share data with other nations in criminal and terrorism probes, which would be sharply at odds with the ruling. It might lead some companies to reconfigure their networks to route customer data away from the U.S., putting it out of the reach of federal investigators if the administration’s plan fails.
The Justice Department has indicated it is considering appealing the Microsoft ruling to the Supreme Court.
   Under the proposed agreements described by Mr. Wiegmann, foreign investigators would be able to serve a warrant directly on a U.S. firm to see a suspect’s stored emails or intercept their messages in real time, as long as the surveillance didn’t involve U.S. citizens or residents. [On both ends of the connection?  Bob]
Such deals would also give U.S. investigators reciprocal authority to search data in other countries.


We are living an “Animal House” world.  That’s how “Double Secret Probation” works!
Lindsay Whitehurst of AP reports:
The National Security Agency asked a judge Thursday to dismiss a lawsuit from a former Salt Lake City mayor who says the agency conducted a mass warrantless surveillance program during the 2002 Winter Olympics.
The NSA argues the claims are implausible speculation about a program that may never have existed, but the government faced pointed questions from U.S. District Judge Robert Shelby.
“These plaintiffs allege willful, intentional, unlawful conduct in violation of constitutional rights by our elected representatives at the highest levels and by our government,” Shelby said.  A courtroom might be the only place where the matter can be addressed, he said.
Read more on KSL.
[From the article:
"They have not denied these allegations.  They just somehow say they are implausible," he said.
The lawsuit filed in August alleges the NSA collected the contents of text messages and emails and metadata about every phone call in the Salt Lake City area before and during the Games that took place less than six months after the attacks on Sept. 11, 2001.


Nothing new, but a quick summary in slides.  I’ll list a few…
6 high-tech ways thieves can steal connected cars
Car cloning
“Car cloning” is an advanced form of vehicle theft, where savvy thieves create and install a fake vehicle identification number (VIN) for a stolen vehicle, allowing it to go unnoticed in plain sight.  This method is primarily used to take high-end luxury vehicles and sell them overseas for profit, remaining undetected.  Hackers can then use the purloined VINs to alter ownership forms, or to create false new documents to hide a stolen car’s true identity.
Vehicle-enabled ransom
One growing and increasingly lucrative type of cybercrime is the use of ransomware, where inserted malware encrypts digital data and instructs a victim to pay the criminal a ransom to restore the decrypted information.  With the emergence of the connected car and vehicles being used as WiFi hot spots, vehicle-enabled ransomware is a predictable next step for hackers, exploiting this new avenue to commit digital “kidnapping”.  For example, in the near future, they could easily break into a vehicle, disable the engine and brakes, and demand bitcoin to restore the car to its functional state.
Scanner boxes as smart keys
Connected vehicle thieves have begun carrying scanner boxes, or devices that can exploit the electronic system utilized by key fobs.  These criminals can then unlock, and even start, a vehicle without even touching the key.  Once the key comes in close enough range to the scanner box and is compromised.  This problem has been particularly noted in Washington state.


Perspective.  Insight?
Cyberpower Crushes Coup
   The guide book to running a coup is still Luttwak’s Coup d’État, but it needs to be revised to reflect the use of cyberpower.  In the same vein, people who talk about cyberpower need to understand what it actually is (hint: it isn’t a stockpile of exploits, it’s the ability to create and maintain advantage.)


Explaining my students?
4 charts that prove that today’s 30-year-olds are NOT adults


How can I not pass this along?
Made with Code
Time for Emoji Equality
Until now, emoji representing women haven’t been, well…representative.
Let’s change that.  Google is working to make sure emoji include a wider range of female professions.  And now, we’re inviting you to join the movement by coding your own.


Dilbert neatly summarizes research on the Internet.

No comments: