Thursday, August 18, 2016

If this is the Russians, what is their strategy?  Hackers don’t just brag about their achievements, because that forces the vulnerable companies to fix the holes in the systems.  Disclosing someone else’s hacking techniques suggests you have other techniques that are equally successful.  But I doubt the NSA would share first level tools with third parties, so what benefit do the Shadow Brokers gain? 
Cisco And Fortinet Confirm Flaws Exposed By Self-Proclaimed NSA Hackers
American firewall providers Cisco and Fortinet have issued warnings and fixes for bugs exposed by the Shadow Brokers, who claimed this weekend to have breached the Equation Group, believed to be an NSA operation.
Cisco and Fortinet had initially determined there was little of concern in the leak, but after researchers showed how the respective technologies could be exploited, the tech firms have taken action to protect customers.  That both have come forward adds further weight to the claims the Shadow Brokers’ leak really does contain information stolen from an NSA server, indicating the US intelligence agency was attacking American manufacturers’ security products without telling the companies.  And, as the files were dated between 2010 and 2013, the affected firewalls have been hackable for at least three years.


Innovative and depressing.  I see a future for this kid at any Internet company.
Steve Ragan reports:
Evan Robertson, age 10, took a science fair project and turned it into a valuable lesson in privacy earlier this month at rootz Asylum, a kids-only gathering at DEF CON where children can learn about security in a safe, encouraging environment.
Evan wanted to do something different for his school project.  He just wasn’t into volcanoes.
“I was thinking about a really cool project, I didn’t want to do normal stuff,” he explained in an interview with Salted Hash.
Instead, he asked his dad for ideas.  Several options were discussed, but eventually (at Evan’s insistence) the two decided to see if people cared about their privacy and security when connecting to public Wi-Fi.
Evan’s project required a Raspberry Pi, and the base kit ($75) included almost everything needed to prove his hypothesis.  He created a hotspot that would offer free internet access to anyone using the SSID of FREE PUBLIC WIFI, provided the user agrees to a horrendous Terms of Service (TOS).
For example:
“…You agree to allow your connecting device to be accessed and/or modified in any way by us, including but not limited to harvesting of personal information and authentication data, reading and responding to your emails, monitoring of your input and/or output, and “bricking” of your device…”
Read more on Salted Hash.


Interesting.  The data is available now, the tool will be available soon!
Researchers have presented the first-ever comprehensive analysis of third-party web tracking across three decades and a new tool, TrackingExcavator, which they developed to extract and analyze tracking behaviors on a given web page.  They saw a four-fold increase in third-party tracking on top sites from 1996 to 2016, and mapped the growing complexity of trackers stretching back decades.
Read more about the research out of U. of Washington on ScienceDaily.


Driving into the future?  My students could not believe that Uber was not making a profit. 
Uber’s first self-driving cars will start picking up passengers this month
It’s been a while since news broke in early 2015 that Uber was working on self-driving cars.  Earlier this year, the company openly admitted it was testing cars in Pittsburgh, but we haven’t heard much more over the last 18 months.
With Google, the self-driving car leader, slowly making progress with its autonomous cars, you’d be forgiven for thinking Uber’s efforts are far behind and barely visible in its frenemy‘s rearview mirror.
Well think again!
It turns out Uber has been making very rapid progress on its plan to replace its one million-plus drivers with computers.  Bad news if you’re an Uber driver…
In an interview with Bloomberg, CEO Travis Kalanick revealed that the company is preparing to add self-driving cars to its fleet of active drivers in Pittsburgh as soon as this month.

(Related) Apparently, Uber does not lead the race.
Helsinki has just sent its new self-driving buses onto regular roads
China may have its bizarre straddling bus, but Finland is also moving ahead with plans for a high-tech public transportation system.
We’re talking self-driving buses, with a couple of its specially designed box-shaped vehicles now tootling along regular roads in the country’s capital city of Helsinki.
It’s part of a month-long trial, but the fact that they’re now allowed to mix with regular traffic suggests it may not be too long before more of the buses hit the city’s streets as part of a permanent program.
   Helsinki’s new electric buses, which can carry up to 10 passengers, are the work of France-based EasyMile, which itself is a joint venture between French automaker Ligier and Indian robotics firm Robosoft.


Back to the future?
World’s largest aircraft just took flight. But, observers are stuck on what it looks like.
Just before twilight on Wednesday at Cardington Airfield in Bedfordshire, England, a giant airship took a buzzy first flight.  It was a brief victory lap for the largest aircraft on the planet.  The aircraft’s maiden voyage lasted for a half-an-hour as the jumbo ship — at 302 feet in length, that’s a fifth longer than the longest jet — circled the airfield.
The dirigible moved like a slow queenly wave, somewhat undercut by the fact the ship looks like, well, a butt.


Interesting.  It looks like a consistent 98% of applications are approved.  The people denied should certainly know better.  E.g. convicted felons. 
Background Checks for Firearm Transfers, 2013–2014 – Statistical Tables
by Sabrina I. Pacifici on Aug 17, 2016
Background Checks for Firearm Transfers, 2013–14 – Statistical Tables – Trent D. Buskirk, Ph.D., Regional Justice Information Service, Joseph M. Durso, Regional Justice Information Service, Ronald J. Frandsen, Regional Justice Information Service, Jennifer C. Karberg, Regional Justice Information Service, Allina D. Lee, Bureau of Justice Statistics, June 30, 2016. NCJ 249849.
“Describes background checks for firearm transfers conducted in 2014, including partial data for 2013, and presents estimates of firearm applications received and denied annually since the effective date of the Brady Act through 2014.  Tables provide data on the number of firearm transaction applications processed by the FBI and by state and local agencies, the number of applications denied, reasons for denial, and estimates of applications by jurisdiction and by each type of approval system.  State-level 2014 estimates are included for states with local checking agencies.  Data are from BJS’s Firearm Inquiry Statistics (FIST) program, which annually surveys state and local checking agencies to collect information on firearm background check activity and combines this information with FBI’s National Instant Criminal Background Check System (NICS) transaction data.”

No comments: