Another reason to use a cafetiere to make coffee.
Simone Margaritelli writes:
After hearing so much discussion
about IoT security risks, I was curious to see firsthand just how easy it is to
hack into an internet-connected device. As
a whitehat hacker, I tested my hacking skills on my Smarter Coffee machine, which is
connected to my home wifi network.
But why should you care about
some guy who figured out how to hack his coffee machine? Because it was too easy. If I’m willing to spend a couple of hours
automating my coffee intake, there are countless cyber criminals out there
willing to put in the time for a much higher-stakes reward.
Read more on Quartz.
For my Computer Security students.
Your Browsing History Alone Can Give Away Your Identity
… Dozens of
trackers embedded in nearly every website collect information about how you
interact with the page, and cookies stored in your browser tell advertisers how
often you’ve visited the site before. But the holy grail is the ability to string
all this information together to create profiles that correspond to each
individual user—that is, creating a complete picture of each person on the
internet, beyond just scattered data points.
Companies that compile user profiles generally do so
pseudonymously: They may know a lot of demographic details about you, but they
don’t usually connect your behavior to your individual identity. But a group of researchers at Stanford and
Princeton developed a system that
can connect your profile to your name and identity, just by examining your
browsing history.
(Related).
The Evolution of Ransomware: Part 1
Public understanding and concern about cybersecurity has
historically been pretty low, the domain of experts and large organizations on
the lookout for sophisticated, targeted attacks. Ransomware is changing that, creating a rising
tide of successful attacks that are forcing a re-examination of protection in
organizations of all sizes. Businesses,
numbed by constant warnings about threats, breaches, and the hopelessness of
protection, are getting a serious wake-up call. A surge in ransomware, caused by the ease of
staging widespread attacks, extending even to automated
ransomware attack services, has made fast, broad, and anonymous
attacks commonplace. From humble roots
in the AIDS Trojan of 1989 to its current myriad forms,
ransomware growth is only accelerating. These
attacks have come a long way in the last 27 years, and for those looking to
protect themselves in 2017, it is time to understand and address the modern
ransomware threat.
(Ditto). Would it
be cruel to use this as a midterm exam?
Can you spot the phish?
Cloud collaboration software provider Diligent recently
conducted an online survey of 2,000 U.S. internet users
to test their security savvy. 76% of
survey respondents passed the phishing test, but that isn't the whole story. Here are some of Diligent's other findings:
- Over 68% of respondents were tricked by emails that looked like they were from a coworker.
- Messages from social media companies with the phrase, “Did you see this pic of you? LOL” fooled nearly 61% of participants.
- Fewer than 3% of respondents fell for an email claiming they won a big cash prize from a soft drink company.
Following are the emails Diligent used in its survey. Can you spot the phish?
Perhaps not so spontaneous after all. You have to keep up a constant stream of
bamboozlement to convince the gullible to do your bidding. Fortunately(?), the Internet makes it easy.
Not ‘Lone Wolves’ After All: How ISIS Guides World’s Terror
Plots From Afar
… Until just
moments before the arrest of the Indian cell, here last June, the Islamic
State’s cyberplanners kept in near-constant touch with the men, according to
the interrogation records of three of the eight suspects obtained by The New
York Times.
As officials around the world have faced a confusing
barrage of attacks dedicated to the Islamic State, cases like Mr. Yazdani’s
offer troubling examples of what counterterrorism experts are calling enabled
or remote-controlled attacks: violence conceived and guided by operatives in
areas controlled by the Islamic State whose only connection to the would-be
attacker is the internet.
The country we might become? Or are we already there?
Papers, Please! has a wonderful recap of the work
they’ve been doing for decades and how it relates to the current uproar over
Trump’s executive order. The issues and
risks, they want you to know, are much bigger than you may realize. Here’s a snippet of their piece:
Here are some key things we’ve
learned from our work over the last 20 years that people — including those just
now beginning to think about the right to fly, especially as it relates to
immigrants, refugees, and asylum seekers — need to understand about what is
happening, who is responsible, what will happen next, and what can be done:
- It’s about government control of movement, not just surveillance of travelers.
- “Watchlist” is a euphemism. The list of countries whose citizens are barred from the US is a blacklist, not just a watchlist.
- “Extreme vetting” means not just searching and interrogating people before allowing them to enter the US, or surveilling them while they are in the US, but not allowing them to enter the US at all. That’s one of the reasons we have never seen this as an issue that can be completely encompassed in a rubric of “privacy”.
- Tools put in place and data collected by any government will be available for use and misuse by any future government.
Read more on Papers,
Please!
Related to this, see Joe Cadillic’s new post, Passengers
to be arrested for not showing their ID’s. As one example, Joe writes:
Arizona’s House Bill 2305 would
make it a crime for passengers to decline to provide a photo ID to police. Passengers who fail to provide an ID could be
sentenced to four months in jail and a $750.00 fine.
This would be a silly law. If the government does a really poor job of
anonymization, it would be illegal to prove it by re-identifying people? Sounds like the Emperor wants to keep wearing
those new clothes without anyone pointing out the obvious.
Rohan Pearce reports:
Passage of a government bill that
would criminalise the re-identification of public sector datasets released
under open data policies looks uncertain.
The Senate Legal and
Constitutional Affairs Legislation Committee tonight tabled its report on the
government’s Privacy Amendment (Re-identification Offence)
Bill 2016. Although the committee’s
majority recommends that the bill be passed, a dissenting report by its Labor
and Greens members calls for parliament to reject the proposed legislation.
Read more on Computerworld.
Maybe Amazon has smarter lawyers?
Amazon’s Antitrust Paradox
Khan, Lina, Amazon’s Antitrust Paradox (January 31, 2017).
Yale Law Journal, Vol. 126, 2017. Available
for download at SSRN: https://ssrn.com/abstract=2911742
“Amazon is the titan of twenty-first century commerce. In addition to being a retailer, it is now a
marketing platform, a delivery and logistics network, a payment service, a
credit lender, an auction house, a major book publisher, a producer of
television and films, a fashion designer, a hardware manufacturer, and a
leading host of cloud server space. Although
Amazon has clocked staggering growth, it generates meager profits, choosing to
price below-cost and expand widely instead. Through this strategy, the company has
positioned itself at the center of e-commerce and now serves as essential
infrastructure for a host of other businesses that depend upon it. Elements of the firm’s structure and conduct
pose anticompetitive concerns—yet it has escaped antitrust scrutiny. This Note
argues that the current framework in antitrust—specifically its pegging
competition to “consumer welfare,” defined as short-term price effects—is
unequipped to capture the architecture of market power in the modern economy.
We cannot cognize the potential harms to
competition posed by Amazon’s dominance if we measure competition primarily
through price and output. Specifically,
current doctrine underappreciates the risk of predatory pricing and how
integration across distinct business lines may prove anticompetitive. These concerns are heightened in the context
of online platforms for two reasons. First,
the economics of platform markets create incentives for a company to pursue
growth over profits, a strategy that investors have rewarded. Under these conditions, predatory pricing
becomes highly rational—even as existing doctrine treats it as irrational and
therefore implausible. Second, because
online platforms serve as critical intermediaries, integrating across business
lines positions these platforms to control the essential infrastructure on
which their rivals depend. This dual
role also enables a platform to exploit information collected on companies
using its services to undermine them as competitors. This Note maps out facets of Amazon’s
dominance. Doing so enables us to make
sense of its business strategy, illuminates anticompetitive aspects of Amazon’s
structure and conduct, and underscores deficiencies in current doctrine. The Note closes by considering two potential
regimes for addressing Amazon’s power: restoring traditional antitrust and
competition policy principles or applying common carrier obligations and
duties.”
The world my students will program.
Amazon's supermarket of the future could operate with just 3
staff — and lots of robots
Amazon's high-tech supermarkets of the future could be
operated by just three humans, according to The New York Post.
The ecommerce giant is reportedly considering two-storey
supermarkets that span between 10,000 square feet and 40,000 square feet and
rely heavily on a fleet of robots, sources told The New York Post.
… In Amazon's
planned supermarkets, robots would reportedly be based upstairs and used to
find and pack items for customers on the floor below, which would be home to
products up to 4,000 items that shoppers "like to touch," such as
fresh meat, fruit, vegetables, and eggs.
And here I thought they only tried to cover it up!
Directory of Federal Historical Offices and Activities
Society for History in the Federal Government – “The Directory of Federal Historical
Offices and Activities provides information on offices in all branches of
government that perform history-related work.”
For my Student researchers.
Don’t tell my students about this.
1. BeSonic
3. Jamendo
4. NoiseTrade
5. Musopen
6. Amazon