http://www.mcall.com/news/police/mc-nws-montgomery-bitcoin-theft-federal-charges-20170719-story.html
Montco man tells feds he stole $40M in bitcoin
Police on the trail of two missing laptops and a gold
necklace followed it to the Montgomery County home of a self-described computer
hacker who claims responsibility for what could be one of the largest virtual currency
heists of all time, court documents say.
Theodore Price of Hatfield told a local detective and a
Homeland Security agent investigating a burglary at the Holland Township, Bucks
County, home of his girlfriend’s parents that he wrote software to steal
between $40 million and $50 million in the online currency bitcoin, the documents say.
When the officers arrived at his door last week, he told
them he had been preparing to flee to London on a chartered jet using a fake
passport in the name of “Avengers” movie star Jeremy Renner, a complaint filed
in federal court Wednesday says.
… A court document
filed last week that charged Price with unauthorized access to a computer to
commit a federal crime for personal financial gain listed the value of the
stolen bitcoin at between $40 million and $50 million.
Assistant U.S. Attorney Lesley Bonney said the unauthorized access charge has since been
withdrawn, but would not say why Price was not charged with the bitcoin theft
he admitted to the agent.
Imagine overriding a self-driving car… This is like that.
Segway miniPRO Flaws Put Riders at Risk of Injury
… IOActive researchers analyzed the miniPRO application and determined that an
attacker could have intercepted unencrypted Bluetooth communications between
the scooter and the mobile app.
While the app did require a PIN when launched, experts
determined that the Bluetooth interface was unprotected at the protocol level,
allowing an attacker to access it and remotely conduct various actions.
A warning for my students.
… LeakerLocker … locks
your home screen but doesn’t encrypt everything you’ve got on your device. It’s still ransomware, however, because it
warns that it’s gathering your browser data, text messages, call history,
location information, emails, social media messages, and photos. It states that, without paying up, it will leak all this private data to your contacts.
“If it costs money or takes time, we’re against it!” The DHS report is a “must read” for my Ethical
Hacking students.
Telecom Lobbyists Downplayed ‘Theoretical’ Security Flaws in
Mobile Data Backbone
… In May, the DHS published an in-depth, 125-page report on
government mobile device security, which noted that SS7 "vulnerabilities
can be exploited by criminals, terrorists, and nation-state actors/foreign
intelligence organizations." DHS noted that it currently doesn't have the authority
to require carriers to perform security audits on their network
infrastructure, or the authority to compel mobile carrier network owners to
provide information to assess the security of these communication networks.
CTIA took several issues with the report. In its own white paper responding to the DHS,
CTIA told US politicians in May that focusing on some SS7 attacks is "unhelpful," said
the report "focuses on perceived shortcomings" in the protocol, and
claimed that talking about the issues may help hackers, according to the white paper obtained by Motherboard. Specifics from the paper were discussed by
Motherboard with CTIA officials.
I’ve been discussing this with my students. Does your organization know what CPU is in
each machine? Will security suffer if
some of your computers can’t be updated?
Confirmed: Windows 10 will cut off devices with older CPUs
After stories arose of failed
attempts to upgrade such hardware to the Creators Update, Microsoft
confirmed late Wednesday that any hardware device that falls out of the
manufacturer’s support cycle may be ineligible for future Windows 10 updates.
… “Recognizing
that a combination of hardware, driver and firmware support is required to have
a good Windows 10 experience, we updated our support lifecycle policy to align
with the hardware support period for a given device,” Microsoft said in a
statement. “If a hardware partner stops
supporting a given device or one of its key components and stops providing
driver updates, firmware updates, or fixes, it may mean that device will not be
able to properly run a future Windows 10 feature update.”
Perhaps we do have a problem of “reading for
comprehension.” I assume the managers in
this company could have read the law, or their lawyers warning about the
law? By the way, that fine is way too
small. Shouldn’t they get hit for at
least 10 cents per email? (£80,000 is $103,757.60
according to Google, which works out to .015 cents per email.)
Price comparison website Moneysupermarket.com Ltd has been fined £80,000 by
the Information Commissioner’s Office (ICO) for sending millions of emails to
customers who had made it clear they didn’t want to be contacted in that way.
The company sent 7.1 million emails over 10 days updating
customers with its Terms and Conditions. But all the recipients had previously
opted out of direct marketing.
Moneysupermarket’s email included a section entitled
‘Preference Centre Update’ which read:
“We hold an e-mail address
for you which means we could be sending you personalised news, products and
promotions. You’ve told us in the past
you prefer not to receive these. If you’d
like to reconsider, simply click the following link to start receiving our
e-mails.”
Asking
people to consent to future marketing messages when they have already opted out
is against the law.
Legal exceptions to constitutional rights?
From the ACLU:
Records obtained by the ACLU of
Massachusetts reveal extensive, warrantless surveillance of
Massachusetts residents’ communications records. Under a law passed in 2008, prosecutors in
Massachusetts may demand IP address logs, subscriber information, banking and
credit card records, and call records revealing sensitive details about a
person’s life—all without any judicial oversight or external accountability. The Boston Globe reports:
“It’s a sanctioned fishing
expedition tool,” said Kade Crockford, director of the Technology
for Liberty Program at the ACLU of Massachusetts. “It shouldn’t be easy for law enforcement to
dig around in our communications records, and find out who we’re talking
to, and for how long, and be able to strip us of our anonymity
online, simply by signing a piece of paper.” …
Read more on The
ACLU.
Would you cut off the President? Imagine the downside!
Twitter Crackdown on Abuse Raises Question: Do the Rules
Apply to Trump?
Twitter Inc. said it has clamped down on harassment on its
service, a campaign that is forcing the company to confront tricky questions
about how it applies its standards.
A nightmare: Think of a Big Brother-like world where all
devices switch to any appearance of President Trump to ensure that we never
miss a second of his brilliance. (I bet
we could sell it to Kim Jong Un.)
Internet Archive Blogs: “Working with Matroid,
a California-based start up specializing in identifying people and objects in
images and video, the Internet Archive’s TV News Archive today releases
Face-O-Matic, an experimental public service that alerts users via a Slack app whenever the faces of President Donald Trump
and congressional leaders appear on major TV news cable channels:
CNN, Fox News, MSNBC, and the BBC. The
alerts include hyperlinks to the actual TV news footage on the TV News
Archive website, where the viewer can see the appearances in context of the
entire broadcast, what comes before and what after. The new public Slack app, which can be
installed on any Slack account by the team’s administrator, marks a milestone
in our experiments using machine learning to create prototypes of ways to turn
our public,
free, searchable library of 1.3 million+ TV news broadcasts into data that
will be useful for journalists, researchers, and the public in understanding
the messages that bombard all of us day-to-day and even minute-to-minute on TV
news broadcasts. This information could
provide a way to quantify “face time”–literally–on TV news broadcasts. Researchers could use it to show how TV
material is recycled online and on social media, and how editorial decisions by
networks help set the terms of public debate…”
Colorado will give only “data not shielded by law.”
States bristled but at least 30 will give personal voter data
to Trump
Despite criticism from most states about the Trump
administration’s request for voters’ personal information, half have said
they will deliver some or all of that data to the White House election
commission.
… According to the
Brennan Center for
Justice, which has collected public statements from all 50 states, 17 states have agreed to provide the
commission with data allowable by state law — that includes Florida, North
Carolina and Washington. Another eight
states have indicated they would release the information, if certain conditions
are met, primarily paying a fee.
Most, if not all, will withhold Social Security numbers.
An interesting article. How do we keep AI from repeating the flaws of
our biased “intelligence?”
Technology Is Biased Too. How Do We Fix It?
Whether it’s done consciously
or subconsciously, racial discrimination continues to have a serious,
measurable impact on the choices our society makes about criminal justice, law
enforcement, hiring and financial lending. It might be tempting, then, to feel encouraged
as more and more companies and government agencies turn to seemingly
dispassionate technologies for help with some of these complicated decisions,
which are often influenced by bias. Rather
than relying on human judgment alone, organizations are increasingly asking
algorithms to weigh in on questions that have profound social ramifications,
like whether to recruit
someone for a job, give
them a loan, identify
them as a suspect in a crime, send
them to prison or grant them parole.
But an increasing body of research and criticism suggests
that algorithms and artificial intelligence aren’t necessarily a panacea for
ending prejudice, and they can have disproportionate
impacts
on groups that are already socially disadvantaged, particularly people
of color. Instead of offering a
workaround for human biases, the tools we designed to help us predict the
future may be dooming us to repeat the past by replicating and even amplifying
societal inequalities that already exist.
We do this to ourselves, and never correct our mistake.
The Myth and the Cost of Drug Expiration Dates
Investigative research and report by ProPublica and NPR’s Shots
Blog: “Hospitals and pharmacies are required to toss expired drugs, no
matter how expensive or vital. Meanwhile
the FDA has long known that many remain safe and potent for years longer… The dates on drug labels are simply the point
up to which the Food and Drug Administration and pharmaceutical companies
guarantee their effectiveness, typically at two or three years. But the dates don’t necessarily mean they’re
ineffective immediately after they “expire” — just that there’s no incentive
for drugmakers to study whether they could still be usable. ProPublica
has been researching why the U.S. health care system is the most expensive in
the world. One answer, broadly, is waste
— some of it buried in practices that the medical establishment and the rest of
us take for granted. We’ve documented
how hospitals often discard pricey new supplies, how nursing homes trash valuable medications after
patients pass away or move out, and how drug companies create expensive combinations of cheap drugs.
Experts estimate such squandering eats
up about $765 billion a year — as much as a quarter of all the country’s health
care spending…”
Helping students pick a major/specialization?
In the simplest of terms, computer science
is the study of information (“data”) and how it can be manipulated
(“algorithms”) to solve problems, mostly in theory but also in practice.
Computer science is not the study of computers,
nor does it strictly require the use of computers. Data and algorithms are possible to compute
using pen and paper, which makes “computer science” a misnomer. Computer science is more akin to mathematics,
which is why some now prefer to use the term “informatics” instead.
… Here’s a
non-exhaustive list of the most common “types” of computer science you may encounter
and what each one specializes in. As
you’ll see, computer science is one of the broadest fields today:
- Artificial Intelligence — The development of machines that can display cognitive functions like thinking, speaking, reasoning, and solving problems. Incorporates other fields, including linguistics, psychology, and neuroscience. Machine learning is a subset that explores the ability of machines to learn, evolve, and recognize patterns in data on their own.
- Bioinformatics — The use of computer science to measure, analyze, model, and understand the complexities of biology. Involves the large-scale analysis of data, high-performance computations, data simulations, molecular models, and more.
- Computational Theory — The study of algorithms and mathematical proofs. Not only concerned with the creation of new algorithms or the improvement of existing algorithms, but also the methods and provability of theorems.
- Computer Graphics — The study of how data can be manipulated and transformed in a way that’s intuitive for humans to view. Includes topics like photorealistic images, dynamic image generation, 3D modeling and animations, and data visualizations.
- Game Development — The creation of PC, mobile, and web games for entertainment. Game engines are designed differently from business and research applications, and often involve unique algorithms and data structures optimized for real-time interaction.
- Networking — The study of distributed computer systems and how communications can be improved within and between networks.
- Robotics — The creation and development of algorithms used by robotic machines. Includes improvements to robotic kinematics, the interface between robots and humans, environmental interactions, robot-to-robot interactions, virtual agents, etc.
- Security — The development of algorithms, methods, and software to protect computer systems against intruders, malware, and abuse. Includes cloud and network security, PC security, mobile security, email security, anti-virus software, and cryptography (the study of encryption and decryption).
Might become useful.
Apple launches machine learning research site
Apple just launched a blog focused on machine learning
research papers and sharing the company’s findings. The Apple Machine Learning Journal is a bit empty right now as
the company only shared one
post about turning synthetic images into realistic ones in order to train
neural networks.
Helping my students find current articles?
Google’s new Feed will offer content Google thinks you
want to see. This will be based on your
interactions with Google, as well as what’s trending in your area and beyond. While Google will do most of the heavy
lifting, you’ll be able to customize your feed by following certain topics
after you’ve searched for them.
Google outlines the thinking behind the Feed in a blog post on The Keyword. The company states that the Feed is designed
to make it “easier than ever to discover, explore and stay connected to what
matters to you, even when you don’t have a
query in mind”. And that last
part of the sentence is key.
… U.S. readers
should be able to access the Feed from today (July 19) just by updating the
Google app on Android or on iOS. It will then roll out internationally over the
next couple of weeks.
Our bookstore will hate this.
For books that you have no desire to buy and keep forever,
these sites can help. They offer great
rental prices and flexible terms, making them ideal for college students on a
budget.
Is there a market for free, ad-sponsored apps? How about birds, flowers, fish, etc.?
Tree Identification Field Guide
Tree Identification Field Guide (this app has a small fee): “Our illustrated,
step-by-step process makes it easy to identify a tree simply by the kinds of
leaves it produces. Begin identifying
your tree by choosing the appropriate region…”