Friday, November 18, 2016

Conversion (turning your theft into cash) has always been the most difficult part of a crime.  Why only eight? 
Mobile carrier Three breached after huge customer database is broken into to steal phones
British telecoms company Three has suffered a security breach affecting a database containing information on 6 million customers.
The incident, first reported by The Telegraph, involved people logging into a customer database, upgrading customers' phones, then stealing the new handsets and reselling them.
At least eight handsets were stolen that way, though the exact number of customers affected is unclear.
While the number of customers affected appears to be low (judging by the number of handsets stolen), the suspects had access to a vast database of up to 6 million customers — two-thirds of Three's 9 million customer base.


Nothing truly egregious here, I just miss talking about Kim Dotcom.  Hard to believe he’s being quiet. 
Zack Whittaker reports:
A hacker group claims to have obtained source code and admin accounts for the file-sharing site Mega.nz, formerly owned by internet entrepreneur Kim Dotcom.
The hacker group, known as the Amn3s1a Team, told me by email that they had also obtained internal documents from the company’s servers, by exploiting an escalation of privilege vulnerability.
In total, there were seven email addresses that are said to be associated with administrative Mega accounts, thought to be the highest-level of access at the service.
Read more on ZDNet.


Say it ain’t so!  Have businesses in the US fallen so far that they have a strategy of fraud?  What is trust worth?  See the Volkswagen article, below. 
Office Depot Accused Of Pushing Bogus Malware Removal Services On Customers To Meet Sales Quotas
When services are provided for free, it's important to evaluate whether or not there's a major caveat that comes along with it.  According to an investigation by CBS News, the free "PC Health" checkup provided by Office Depot carries a big one: you could be encouraged to shell out money to fix a nonexistent problem.
If this sounds like a shady mechanic or cars salesman, it's essentially the same thing. Office Depot is accused of telling customers that there are serious issues on their PCs, such as installed malware, even when that's not the case, and can charge them upwards of $180 for the privilege of "removing" it.


This is why competitors are springing up!  
SWIFT has not seen its last 'bank robbery'
   “The SWIFT board of directors needs to arrive at the consensus that they must make changes to the messaging system and its security,” says Kellermann.  The financial institutions that use and support the SWIFT system will have to spend more money to add the needed security.
The amount of additional spending should not be crippling for the participating banks.  In the finance sector, the typical security budget is 8 percent of the overall budget, confirms Kellermann.  They need to spend more like 10 percent,” he says.
Part of the challenge in acquiring the added budget is that CISOs are still reporting to the CIOs and don’t have a separate budget; that’s a governance issue across the financial sector, explains Kellermann.


Loading up for next Quarter’s Computer Security class…
Tim Johnson reports:
The worldwide scourge of cybercrime afflicted 689 million people in the past year, or more than twice the population of the United States, a California anti-virus software maker reported Wednesday.
Yet those hit by cybercrime often remain complacent, even sharing their passwords with friends, says a survey from Norton by Symantec, the security software maker.
Read more on McClatchyDC.


Another (Internet of) Thing not to be trusted?
How Light Bulbs Watch You Buy Groceries
   If shoppers grant the store’s app access to their smartphone’s front-facing lens, the phone can watch for the lights and use the pulses to pinpoint its location.
   Location information is one of the most valuable types of data a retailer can gather from its customers, says Joseph Turow, a professor of communications at the University of Pennsylvania.  (I interviewed Turow about the future of retail surveillance last month.)  If a retailer knows where you spent most of your time inside of a store, it can follow up with discounts for a product you looked at but didn’t buy—either after you’ve left the store, to encourage a return trip, or even right as you’re lingering in the aisle, to nudge you to buy it now.  In the U.S., Target and Walmart are rumored to use lighting technology to locate smartphone-toting shoppers, but aren’t forthcoming about their plans.


It's easier than breaking the iPhone encryption…
iPhone Call Logs Easy Pickings on iCloud, Says Russian Security Firm
Russian digital forensics firm ElcomSoft on Thursday reported that Apple automatically uploads iPhone call logs to iCloud remote servers, and that users have no official way to disable this feature other than to completely switch off the iCloud drive.
The data uploaded could include a list of all calls made and received on an iOS device, as well as phone numbers, dates and times, and duration, the firm said.

(Related) …so, perhaps the Russians could provide the data Apple doesn’t want to? 
New York DA vs Apple encryption: 'We need new federal law to unlock 400 seized iPhones'
In a report released on Thursday at the launch of the Manhattan DA's new cyberlab, Vance revealed there are now over 400 locked iPhones sitting with New York County that could be used to investigate serious crimes if only Apple would or rather could help.
The full report can be found here.


Something for my geeks to elaborate on?  
Fake news on Facebook is a real problem. These college students came up with a fix in 36 hours.
   when De, an international second-year master’s student at the University of Massachusetts at Amherst, attended a hackathon at Princeton University this week with a simple prompt to develop a technology project in 36 hours, she suggested to her three teammates that they try to build an algorithm that authenticates what is real and what is fake on Facebook.
And they were able to do it.
   They’ve called it FiB.
Since the students developed it in only a day and a half (and have classes and schoolwork to worry about), they’ve released it as an “open-source project,” asking anyone with development experience to help them improve it.  The plugin is available for download to the public, but the demand was so great that their limited operation couldn’t handle it.


Should I believe that lying about emissions supported 23,000 jobs?  Of course not.  But not getting fined when you get caught probably did. 
Volkswagen to Cut 23,000 German Jobs as It Tries to Lift Profits
   As it seeks to recover from an emissions cheating scandal, Volkswagen is trying to reduce the cost of manufacturing cars that carry the VW badge, many of which are made in Germany by a work force that effectively controls the company and has resisted job cuts.  The plan would lead to savings of $3.9 billion a year, Volkswagen said on Friday.


My students tell me the same thing.  
Cadillac president: Self-driving cars ‘spell the demise of the traditional car industry’
Detroit grew rich and fat on the one-person, one-car ethos of the American Dream.  But new technologies for driving won’t just change how we get from A to B — they’ll also change how we pay for transportation.

(Related)  Even the little things change.
Volvo launches concierge app for on-demand refuelling, car washing and more
Volvo has announced the rollout of a new concierge service for its owners, which will make everyday chores such as topping up with fuel an on demand, smartphone activated service.
   Tap on a service, and an authorised technician gets a one-time-use digital key to access and start the car, so you don’t need to meet up and hand the keys over.
Once servicing is complete, the car can be delivered right back to the spot you left it, delivered straight to you, or parked somewhere else entirely, and the digital key locks the car before expiring.
“Imagine parking your car in the morning at work and when you head home your car has been serviced, cleaned and refuelled.  These are the kind of services we of want to deliver to our customers”, explains Bjorn Annwall, Volvo’s Senior Vice President of consumer experience.

(Related)
Pew study: One-quarter of Americans part of 'gig economy'
Approximately one-quarter of Americans have taken part in the “gig economy” in the past year, according to a study released by Pew on Thursday.

(Related to that Related article) 


Of course, President Obama did not favor (huge campaign contributor) Google, any more than President Trump will un-friend (huge contributor to the other side) Google.  That would be wrong.
Trump looks poised to overturn Obama policies that favored Google
   Google had close ties with outgoing Democratic President Barack Obama’s administration, and its employees donated much more to defeated Democratic presidential candidate Hillary Clinton than to the Republican Trump.


Not all “free” data should be shared freely.  Another example of geo-fencing.
S Korea blocks Google export of map data
South Korea today rejected Google's request to export government-supplied data for its global mapping service, arguing it would make the country more vulnerable to attack by North Korea.
   Google argues that the South Korean law is outdated and unfairly restricts the company from providing a full range of mapping services, such as driving directions, public transit information and satellite maps.
The US tech giant backed up its complaint by claiming it could offer a wider range of services for isolated North Korea -- including driving directions from the capital Pyongyang to the country's main Yongbyon nuclear complex, and locations of the North's notorious labour camps.


An interesting claim.
Musk Says Tesla’s Solar Shingles Will Cost Less Than a Dumb Roof
   “So the basic proposition will be: Would you like a roof that looks better than a normal roof, lasts twice as long, costs less and—by the way—generates electricity?” Musk said.  “Why would you get anything else?”


Rather than give them gifts, I give them lists of the gifts someone else should buy them.


Damning with faint praise?
Python is one of the most polarizing languages in the programming world.  You either love it or you hate it, and you might even swing from one end to the other like a pendulum.  But regardless, Python is a language that’s hard to be ambivalent about.


Google added this to my Blog creation page.  Since I do not add “other cookies” I’m relying on Google to provide notice. 
To see the notice if you’re outside of the EU, view your blog and change the country code, for example blogspot.fr or blogspot.co.uk. 
So, this blog would be found at : http://centennial-man.blogspot.co.uk/

No comments: