Observations on articles I read to keep current about technology. My interests are: Privacy, security, business, the computer industry, and geeky stuff that catches my eye.
I don't think I have an agenda beyond my own amusement.
Note that I lump all my comments into a single post. This is not a typical BLOG technique. It's just an indication that I'm lazy.
Saturday, August 26, 2017
Other than those few bugs, how do you like the technology?
PoS Flaws Allow Hackers to Steal Card Data, Change Prices
Researchers at ERPScan discovered that
SAP’s POS product, which is part of the company’s SAP for Retail offering, was
affected by several flaws. Specifically,
the system’s server component, Xpress Server, lacked important authorization
checks for critical functionality.
This allows an attacker with access to the system to send
malicious configuration files to Xpress Server and gain complete control of both the frontend and backend of the PoS system.
A hacker can abuse tens of commands, allowing them to
steal data from all the credit and debit cards used at the targeted store, and
apply special prices and discounts to specified items. These discounts can be applied for specified
times so that an item has a small price only when fraudsters go to purchase it.
Fraudsters can also set up the system so
that their purchases are charged to the previous customer’s card.
“…the connections
between POS workstation and the store server turn out to be the weakest link.
They lack the basics of cybersecurity - authorization procedures and
encryption, and nobody cares about it. So, once an attacker is in the Network,
he or she gains full control of the system.”
Probably not the best way to convince the judge that you
are not part of a vast criminal conspiracy. Should the lawyer have made this public?
Fraud Forces WannaCry Hero's Legal Fund To Refund All
Donations
The vast majority of money raised to pay for the legal
defense of beloved [? Bob]
British cybersecurity researcher Marcus Hutchins was donated with stolen or fake credit card numbers, and all
donations, including legitimate ones, will be returned, the manager of the
defense fund says.
Lawyer Tor Ekeland, who managed the fund, said at least
$150,000 of the money collected came from fraudulent sources, and that the
prevalence of fraudulent donations effectively voided the entire fundraiser. He said he'd been able to identify only about
$4,900 in legitimate donations, but that he couldn't be certain even of those.
If this is easy for Facebook, imagine what Intelligence
Agencies can do.
Rebecca Porter and I were strangers, as far as I knew. Facebook, however, thought we might be
connected. Her name popped up this
summer on my list of “People You May Know,” the social network’s roster of
potential new online friends for me.
The People You May Know feature is notorious for its
uncanny ability to recognize who you associate with in real life. It has mystified and disconcerted Facebook
users by showing them an old boss, a one-night-stand, or someone they just ran into on the street.
…On any given
day, it tended to recommend about 160 people, some of them over and over again;
over the course of the summer, it suggested more than 1,400 different people to
me. About 200, or 15 percent of them,
were, in fact, people I knew, but the rest appeared to be strangers.
And then there was Rebecca Porter. She showed up on the list after about a month:
an older woman, living in Ohio, with whom I had no Facebook friends in common. I did not recognize her, but her last name was
familiar. My biological grandfather is a
man I’ve never met, with the last name Porter, who abandoned my father when he
was a baby. My father was adopted by a
man whose last name was Hill, and he didn’t find out about his biological
father until adulthood.
…I sent the woman
a Facebook message explaining the situation and asking if she was related to my
biological grandfather.
“Yes,” she wrote back.
Rebecca Porter, we discovered, is my great aunt, by
marriage. She is married to my
biological grandfather’s brother; she met him 35 years ago, the year after I
was born. Facebook knew my family tree
better than I did.
“I didn’t know about you,” she told me, when we talked by
phone. “I don’t understand how Facebook
made the connection.”
…Facebook is known to buy information from data brokers, and a person who previously
worked for the company and who is familiar with how the tool works suggested
the familial connection may have been discerned that way. But when asked about that scenario, a Facebook
spokesperson said, “Facebook does not use information from data brokers for
People You May Know.”
What information had Facebook used, then? The company would not tell me what triggered
this recommendation, citing privacy reasons. A Facebook spokesperson said that if the
company helped me figure out how it made the connection between me and my great
aunt, then every other user who got an unexpected friend suggestion would come
around asking for an explanation, too.
…Now, when I look
at my friend recommendations, I’m unnerved not just by seeing the names of the
people I know offline, but by all the seeming strangers on the list. How many of them are truly strangers, I
wonder—and how many are connected to me in ways I’m unaware of. They are not people I know, but are they
people I should know?
The Next Big Thing: Energy-Saving Graphene Computers with
1,000x Speed and Efficiency
Today, researchers
from Northwestern University, University of Texas at Dallas, University of
Illinois at Urbana-Champaign, and University of Central Florida have joined
minds together in the development of a graphene-based transistor.
…Transistors
function as on and off switches, forming logic gates in computers when placed
in various arrangements. These logic
gates enable microprocessors to solve complex logic and arithmetic problems. But, since 2005, the speed of computer
microprocessors which utilize silicon transistors have clock speeds mostly in
the 3 to 4 gigahertz range only.
…According to the
team, with a cascading series of graphene transistor-based logic gates, a
computer could have clock speeds near the terahertz range, thus making it a
thousand times faster and more efficient than today’s computers.
Graphene computers also use less energy, only a
hundredth of the power consumed by silicon-based ones. Moreover, computers could be designed smaller
in size
“Imagine if U.S. companies’ compliance costs could be
reduced, by billions of dollars. Imagine
if this could happen without sacrificing any transparency to investors and
governments. Open data can make that
possible.
For our purposes, the term open data refers to
information that is made interoperable using standardized definitions and
digital formats, and digitally published and freely available for use
and reuse by its users…The key, of
course, is interoperability, which allows diverse systems and organizations to
exchange and use one another’s data without having to translate it. For companies as well as agencies, open data
offers significant efficiencies by reducing processing time and costs.
First, if government agencies standardize data fields and
formats for the information they collect, rather than expressing that
information as unstructured documents, reporting companies’ software can automatically
compile and report it, reducing manual labor. Quality improves; human ‘fat fingering’ is
eliminated. Second, if multiple agencies
align their fields and formats with one another by adopting universal standards
for overlapping information, companies can submit the same information once,
rather than multiple times to each agency. Meanwhile, open data promises to cut
regulatory agencies’ costs and reduce their risks by allowing them to get and
use regulatory information more quickly, shortening the processing required for
data analysis. In the United States, for
example, simple data matching could have revealed Bernie Madoff’s fraudulent
activities before his financial firm collapsed, allowed agencies to quickly
gauge the financial industry’s exposure to Lehman Brothers while deciding
whether to initiate a bailout, and indicated that the fuel cell manufacturer
Solyndra was the riskiest recipient of a federal loan guarantee well before its
2011 bankruptcy – if the relevant information had been available in a
consumable format and in a timely manner. But because Madoff’s securities reports,
Lehman’s financial filings, and Solyndra’s energy and securities disclosures
were available only as disconnected documents, not open data, these insights
would have required expensive, time-consuming, and purpose-built analytics
projects.
Clearly, a well written law is inspirational! (If they have your permission they can violate
your privacy?)
Hannah M. Arenstam, Frederic T. Knape, Joshua J. Orewiler,
and Joseph A. Strubbe of
Vedder Price write:
In the past few weeks, five
putative class action lawsuits have been filed under the Illinois Biometric
Information Privacy Act (“BIPA”), 740 ILCS 14/1 et seq., targeting defendants
in the health care, senior living, commercial baking, meat processing and
security industries. These recent suits
join previously filed BIPA class actions against day care operators, tanning
salons, video game manufacturers, hotel groups and supermarkets as well as much
larger entities, including Facebook, Google, Shutterfly, Six Flags and
Snapchat. All of these suits have
similar allegations at their core; that defendants utilized employees’,
customers’, or other persons’ biometric identifiers, such as fingerprints,
voiceprints, retina scans or facial recognition technology, in violation of
BIPA’s disclosure and consent requirements. All seek recovery of BIPA’s statutory
liquidated damages of $1,000 for each negligent violation, or $5,000 for each
intentional or reckless violation, injunctive relief, and recovery of
attorneys’ fees and costs.
Government
Prevails in Bid for Anti-Trump Website’s Subscriber Data
…A judge in
District of Columbia Superior Court on Thursday ordered DreamHost LLC, the host of the
website disruptj20.org, to comply with a
government warrant seeking information about the site’s subscribers. The government says the site was used to
recruit and organize hundreds of people who rioted in the city on Jan. 20, the
day President Donald Trump was sworn in, causing hundreds of thousands
of dollars in damage over nearly two dozen city blocks.
Chief Judge Robert Morin ruled that DreamHost was
obligated to turn over subscriber data, but that prosecutors would have to tell the judge which data it intended to seize.
[Couldn’t they specify that in the warrant? Or do they get to look at everyone and everything and then specify? Bob] The judge said he would oversee the use of the
data to make sure the government’s seizure was limited to individuals linked to
the riots and not people who merely posted messages or communicated with others
through the site.
…Morin denied
DreamHost’s request to put his ruling on hold until they could appeal his
decision.
(Related). “We’ll
look through all of this data but only use the stuff we need, pinky promise!”
Verizon reports spike in government requests for cell 'tower
dumps'
Government requests for the mass disclosure of every
caller who connected to a particular cellphone tower have spiked during the
first half of 2017, according to Verizon’s latest transparency report.
Law enforcement seek so-called tower dumps to try to
identify a suspect in a crime, compelling tower operators to provide the phone
numbers of all devices that connected to a specific tower during a given period
of time.
…Verizon has
received approximately 8,870 warrants or court orders for cell tower dumps in
the first half of this year — a huge increase over 2013, when the government
sought only 3,200 dumps across the whole of that year. In 2016, the total figure was 14,630.
Probably. Just like
TV harmed my generation. (Too much talk
for me.)
Data Center economics. Why would any company build a data center
without massive tax incentives? Governments
are trading tax credits (no cash
outlay) for future tax income. Does the
math work?
Why Iowa is giving Apple $208 million for a project that will
create 50 full-time jobs
In exchange for nearly $208 million in state and local tax
breaks, the technology giant Apple has agreed to build two new data centers on
2,000 acres of Iowa land — a project that would create just 50 permanent
jobs.
…Construction is
expected to start this spring in Waukee, and city officials anticipate the
process will spark hundreds of construction jobs. But the buildings, slated to open by 2020,
will house more computer servers than humans.
…Apple,
meanwhile, will pour $1.3 billion into building the new properties, which will
neighbor corn fields, a cattle farm and chicken pens. The 50 permanent workers at the data centers
will make a minimum of $29.12 per hour, state officials said.
The company will also fork up $100 million to a fund that
bolsters Waukee’s economic development.
…Construction on
a new center employs an average of 1,688 local workers and generates $9.9
million in revenue for cities and states, the study found. After that, a typical operation supports 157
local jobs.
Did they not realize that Amazon would try to win? They had to wait for a specific
announcement? This is what Amazon does,
people!
Amazon to cut Whole Foods prices, escalating grocery turf war
Amazon.com Inc said it will cut prices on a range of
popular goods as it completes its acquisition of Whole Foods Market Inc,
sending shares of rival grocers tumbling on fears that brutal market share
battles will intensify.
… Shares of Kroger
Co, the biggest U.S. supermarket operator, closed down 8 percent, while
Wal-Mart Stores Inc, the biggest U.S. food seller, closed down 2 percent.
Amazon also said it will start selling
Whole Foods brand products on its website, a move that sent down shares of
packaged food sellers including Kellogg Co.
The S&P 500 Food Retail index closed
down almost 5 percent as more than $10 billion was wiped off the market value
of big food sellers.
…“It does not
look like they will go kamikaze on pricing,” said Roger Davidson, president of
consulting firm Oakton Advisory Group and a former retail executive. “They will lower prices on consequential items
to drive traffic and sales but not do a whole store price reduction which could
really damage gross margin and potentially wipe out operating margin.”
…The planned
price cuts would have been a tough sell to Whole Foods’ investors, who had
grown used to fat profits from the upscale chain, but are more in line with Amazon’s broader strategy of sacrificing short-term
profit for long-term market dominance.
We can see where this is heading, so why don’t libraries
take over journal publication?
“…Over the past 2 years, more than 150 German libraries,
universities, and research institutes have formed a united front trying to
force academic publishers into a new way
of doing business. Instead of
buying subscriptions to specific journals, consortium members want to pay
publishers an annual lump sum that covers publication costs of all papers whose
first authors are at German institutions. Those
papers would be freely available around the world; [and easy to access with
tools like Google Translate. Bob]
meanwhile, German institutions would receive access to all the publishers’
online content. Consortia of libraries
and universities in the Netherlands, Finland, Austria, and the United Kingdom
have all pushed for similar agreements, but have had to settle for less than
they wanted. In the Netherlands, for
example, Elsevier—the world’s biggest academic publisher—has agreed to make
only 30% of Dutch-authored papers freely available by 2018, and only after a
significant increase in the annual sum libraries pay…”
Fresh data shows millennials' favorite apps — and it's bad
news for Snapchat
Younger millennials may be spending as much as 40
minutes a day on Snapchat, but fresh data shows the scale of the challenge
it faces as it looks to grow its user base amid stiff competition from
Facebook.
Snapchat, despite
being high on the cool quotient, features nowhere on the most essential
apps for 18- to 34-year-olds, according to comScore's 2017 US Mobile App
Report. Amazon ranks number one, while
Facebook (29%) and Instagram (11%) both rank inside the top 10.
A Big task. You
must automate this process to have any chance of keeping up.
Facebook shuts down 1 million accounts per day but can't stop
all 'threat actors,' security chief says
…Still, the sheer
number of interactions among its 2 billion global users means it can't catch
all "threat actors," and it sometimes removes text posts and videos
that it later finds didn't break Facebook rules, says Alex Stamos.
"When you're dealing with millions and millions of
interactions, you can't create these rules and enforce them without (getting
some) false positives," Stamos said during an onstage discussion at an
event in San Francisco on Wednesday evening.
Stamos blames the pure technical challenges in enforcing
the company's rules — rather than the rules themselves — for the threatening
and unsafe behavior that sometimes finds its way on to the site.
(Related). Crackdown
does not mean takedown? “Well just flag
the really nasty stuff so you don’t miss it?”
Google
Begins Biggest Crackdown on Extremist YouTube Videos
Starting on Thursday, Google will police YouTube like it
never has before, adding warnings and disabling advertising on videos that the
company determines cross its new threshold for offensive content.
YouTube
isn’t removing the selected videos, but is instead setting new
restrictions on viewing, sharing and making money on them.
…YouTube says it
uploads over 400 hours of video a minute.
Videos tagged by its new policy won’t be able to run ads or
have comments posted, and won’t appear in any recommended lists on the video
site. A warning screen will also appear
before the videos, which will not be able to play when embedded on external
websites. YouTube will let video
creators contest the restrictions through an appeals process, a spokeswoman
said.
“The best laid schemes o' mice an' men. Gang aft a-gley.”
What would happen if we upload our brains to computers?
Meet the "ems" -- machines that emulate human
brains and can think, feel and work just like the brains they're copied from. Futurist and social scientist Robin Hanson
describes a possible future when ems take over the global economy, running on
superfast computers and copying themselves to multitask, leaving humans with
only one choice: to retire, forever. Glimpse a strange future as Hanson describes
what could happen if robots ruled the earth.
KnightLab:
“TimelineJS is an open-source tool that enables anyone to build visually rich,
interactive timelines. Beginners can
create a timeline using nothing more than a Google spreadsheet, like the one we used for the Timeline
above. Experts can use their JSON
skills to create custom installations, while keeping TimelineJS’s core
functionality.”
Protenus has released its July Breach Barometer, with data
supplied by DataBreaches.net. Here’s a
snippet from their report:
July is the first month in 2017 to have hacking incidents
outweigh insider breaches to patient data in both frequency and number of
affected patient records. While hacking
accounted for almost half of total breach incidents this month, the severity
and potential damage of insider threats to patient data should not be
overlooked, with one incident going
undetected for 14 years.
India’s Supreme Court says privacy is a fundamental right in
blow to government
NEW DELHI — In a blow to the
Indian government’s efforts to roll out the world’s biggest biometric database
on its billion citizens, India’s Supreme Court ruled Thursday that privacy was
a fundamental right for people.
Over the past few years, the government has aggressively
pushed to compile the database, known as Aadhar, by sending officials out to
remote villages to take iris scans and fingerprints. To ensure complete enrollment, the government
this year put out several notices restricting access to essential government
services for those not part of the system.
The unanimous ruling by the nine-judge bench will have
huge implications in a number of ongoing cases involving Aadhar, which means
base or foundation in Hindi.
It could
put an end to the government’s efforts of making enrollment mandatory. It also guarantees privacy for Indian
citizens as an intrinsic right — removing it could have had far reaching
implications beyond biometric IDs for the daily lives of Indians such as the
possible decriminalization of homosexuality.
…In court, government lawyers argued that the
right of all citizens to a dignified life was more important than the elitist
preoccupation with privacy.
Last week, the TSA Los
Angeles Metropolitan Transportation Authority ‘voluntarily’ asked commuters to
walk through facial recognition body scanners before being allowed to board a
train.
Wherever you go, your face exposes you. Facial recognition in combination with surveillance cameras
is a powerful tool that can track your every step.
Search engines are becoming ever smarter in managing
massive amounts of data. Face search and
facial recognition are just a few of many tools that target individuals. All public data combined, they can quickly
unravel what an individual has been up to.
Li, Tiffany and Bronfman, Jill and Zhou, Zhou, Saving
Face: Unfolding the Screen of Chinese Privacy Law (August 2017). Journal of
Law, Information, and Science (Forthcoming). Available at SSRN: https://ssrn.com/abstract=2826087
Abstract
Privacy is often a subjective
value, taking on meaning from specific social, historical, and cultural
contexts. Western privacy scholars have
so far generally limited academic study to focus on Western ideals of privacy. However, privacy – or some notion of it – can
be found in almost every culture and every nation, including the growing
economic powerhouse that is the People’s Republic of China. Focusing on China as a case study of
non-Western privacy norms is important today, given the rapid rise of the
Chinese economy and its corresponding impact on worldwide cultural norms and
law. Simply put, it is naïve to believe
that privacy law will develop in the near future without the influence of
China.
…Given the long-arm reach of many nations’
privacy laws (particularly the EU’s current and proposed regulations), several
signs indicate that China may follow the EU’s example in enforcing its privacy
laws worldwide.
…This paper will attempt to illuminate the
state of privacy law in China, by evaluating current legal developments,
exploring cultural and historical perceptions of privacy, and analyzing how
China’s unique perceptions of privacy may influence the future development of
new norms in China’s growing privacy regime.
The Ninth Circuit agreed Tuesday
that Google can settle privacy claims by giving $8.5 million to six nonprofit
privacy organizations instead of class members, despite ties between the
organizations, Google and class counsel.
The three-judge appeals panel
found that U.S. District Judge Edward Davila did not abuse his discretion by
approving the cy pres settlement, almost half of which went to the alma maters
of class counsel, and another chunk to organizations to which Google regularly
donates or which received Google settlement funds in the past.
A divided federal appeals court
has upheld a decision that allows Google to continue consumer
privacy violations by means of a collusive settlement. Though
the case concerns Google’s illegal disclosure of personal data from 129 million
consumers, the settlement fails to compensate those consumers, does nothing to change Google’s business practices,
and diverts funds to organizations that don’t protect consumer privacy. The dissenting judge wrote that the settlement
“raises a red flag” because “47% of the settlement fund is being donated to the
alma maters of class counsel.” EPIC twice urged the lower court to reject the settlement, arguing
that it did nothing for class members and would allow Google to “continue to
engage in the privacy-invading practice.” EPIC has long urged courts to reject collusive
settlements and has proposed objective criteria for courts to follow in class action
cases.
In a decision surely welcomed by
the plaintiffs’ bar, the US Court of Appeals for the Ninth Circuit held, on
August 15, 2017, that a putative class action plaintiff has Article III
standing as long as the plaintiff alleges
just slightly more than a mere statutory violation. The case, Robins v. Spokeo, was on
remand from the United States Supreme Court following that Court’s well-known
May 2016 Spokeo v. Robins decision, which held that
allegations of a statutory violation of the Fair Credit Reporting Act (FCRA),
without more, did not confer standing. A
three-judge panel of the Ninth Circuit has now ruled that, as a matter of
statutory interpretation, the FCRA procedures at issue were crafted to protect
consumers’ “concrete” interest in accurate credit reporting about themselves,
and that the plaintiff’s allegations of inaccurate credit reports could be
deemed “a real harm” sufficient to confer standing.
The bad news keeps coming for Wells Fargo. A nearly $150 million settlement is pending for the
fake-account scandal that roiled the bank last year, and a new scandal has
emerged: Recently it has been alleged that thousands of customers were signed
up for insurance without their knowledge. A bevy of lawsuits is in the pipeline, and regulatory scrutiny is intensifying. Meanwhile, one of Wells Fargo’s
chief competitors, Bank of America, has been relatively scandal free, with
impressive revenue and profit results for the first half of 2017.
What explains the divergence in the
fortunes of two of the U.S.’s largest banks?
One possibility is the tone at the top. For the past several years, Wells Fargo has
been run by MBAs, while Bank of America’s CEO since 2010, Brian Moynihan, has a
law degree from Notre Dame. Might this
difference in education influence how CEOs behave when it comes to setting a
course and trimming corporate sails? After
all, there’s a subtle difference in how these two disciplines train people to
understand and manage risks: Legal
training focuses on the downside of particular actions, while business training
may emphasize the upsides for shareholder value from risk taking.
…The most obvious
impact a lawyer CEO might be expected to have is on the amount of litigation
their company is involved in. We looked
at over 70,000 lawsuits filed against our sample of firms in federal courts
during those 10 years. We focused
on nine common types of corporate litigation: antitrust, employment civil
rights, contract, environmental, intellectual property, labor, personal injury,
product liability, and securities.
The result was clear: Firms run
by CEOs with legal expertise were associated with much less corporate
litigation. Compared with the
average company, lawyer-run firms experienced 16% to 74% less litigation,
depending on the litigation type. Employment
civil rights, antitrust, and securities lawsuits were reduced the most, while
contract saw the smallest (but still significant) reduction with a lawyer
CEO. The results were economically
meaningful, since the reduction was several fewer suits per year in some cases.
Google search uses a medical quiz to help diagnose depression
Only half of Americans who face
depression get help for it, and Google is determined to increase that
percentage. As of today, it's offering
a medically validated, anonymous screening questionnaire for clinical
depression if you search for information on the condition. This won't definitively indicate that you're
clinically depressed, to be clear, but it will give you useful information you
can take to a doctor.
For my Digital Forensics students. Possible project?
Campbell, Joseph Charles, Elementary English Grammar for
Lawyers (July 30, 2017). Sydney Law School Research Paper No. 17/62. Available
at SSRN: https://ssrn.com/abstract=3011086
“A lawyer interpreting a text whose meaning is disputed –
whether a statute or some other document that has effect in public law, or a
document like a contract or a will that has effect in private law – must be
able to articulate why it is possible that the text has more than one meaning,
and why one of those meanings is preferable to another. An important aid for performing those tasks is
the conceptual apparatus of English grammar. This paper, written as an aid for students of
legal interpretation, outlines
some fundamentals of English grammar, and shows, via numerous examples, how the
courts have used the language of grammar in solving problems of
interpretation.”
Wednesday, August 23, 2017
Highly unlikely, but worth thinking about. At least, in my Security class.
While some experts believe that being able to engineer
such a collision would be unlikely, given the security systems of the US Navy
and the logistics of having two ships converge, others say putting the recent
incidents down to human error and coincidence is an equally unsatisfactory
explanation.
…Analysts are
divided on the issue, with some believing US Navy crews may simply be
overstretched as they try to tackle myriad threats in the region, and pointing
to the difficulties of sailing through waterways crowded with merchant
shipping.
But others believe something more sinister may be going
on.
Itar Glick, head of Israeli-based international
cybersecurity firm Votiro, said the spate of incidents suggested that US Navy
ships' GPS systems could have been tampered with by hackers, causing them to
miscalculate their positions.
"I think that hackers could try to do this, and if
they are state sponsored they might have the right resources to facilitate this
kind of attack," he told AFP.
Is Kid Rock leading the U.S.
Senate race in Michigan? A story like
that is essentially designed to go viral, and that’s exactly what happened when
Delphi
Analytica released a poll fielded from July 14 to July 18. Republican Kid Rock earned 30 percent to Sen.
Debbie Stabenow’s 26 percent. A sitting
U.S. senator was losing to a man who sang the
lyric, “If I was president of the good ol’ USA, you know I’d turn our
churches into strip clubs and watch the whole world pray.”
There was just one problem: Nobody
knew if the poll was real. Delphi
Analytica’s website
came online July 6, mere weeks before the Kid Rock poll was supposedly
conducted. The pollster had basically no
fingerprint on the web.
Every “new” technology must go through the same learning
curve every “older” technology has mapped out. Why? Take my class.
Robot makers slow to fix vulnerabilities that could allow
hackers to spy and disable safety features
Researchers who warned half a dozen robot manufacturers in
January about nearly 50 vulnerabilities in their home, business and industrial
robots, say only a few of the problems have been addressed.
The researchers, Cesar Cerrudo and Lucas Apa of
cybersecurity firm IOActive, said the vulnerabilities would allow hackers to
spy on users, disable safety features and make robots lurch and move violently,
putting users and bystanders in danger.
While they say there are
no signs that hackers have exploited the vulnerabilities, [Yet. Bob] they say the fact that the robots
were hacked so easily and the manufacturers’ lack of response raise questions
about allowing robots in homes, offices and factories.
Sony fails again? How hard did they test these phones?
Xperia Owners Could Fetch Up To $300 For Sony's False
Waterproofing Claims
Sony made
a number of smartphones
and tablets that it claimed were water resistant and could survive rain and spills
without damage. There was only one problem
though; Sony didn't do a great job making the devices water resistant. When customers initiated warranty claims
citing water damage, Sony didn't do much to help them, which resulted in a
class action lawsuit against the electronics maker.
That class action suit is now wrapping up and owners of
certain affected devices can get up to 50 percent refund on the purchase price
of the smartphone. There are 24 Sony
smartphone models in the suit, all advertised with having water resistant IP
ratings.
For my students to debate. A TED video.
What moral decisions should driverless cars make?
Should your driverless car kill you if it means saving
five pedestrians? In this primer on the
social dilemmas of driverless cars, Iyad Rahwan explores how the technology
will challenge our morality and explains his work collecting data from real
people on the ethical trade-offs we're willing (and not willing) to make.
No harm in asking for the moon and settling for Mt.
Everest?
Federal prosecutors scale back request for info on visitors
to anti-Trump website
Federal prosecutors Tuesday tried to quell concern from
privacy advocates by amending the government’s demand for millions of IP
addresses from a Los Angeles-based tech company as part of an investigation
into rioters in Washington during the Jan. 20 inauguration.
…DreamHost and
other privacy rights advocates such as the nonprofit group Public Citizen
argued the warrant violated the users’ constitutional rights. A hearing is scheduled for Thursday in D.C.
Superior Court before Judge Robert E. Morin, the court’s chief judge. Attorneys for DreamHost and the government are
expected to argue over the legal authority of such a warrant.
In a filing late Tuesday, prosecutors from the U.S.
attorney’s office in the District amended the original warrant by saying they
plan to focus only on the 200 or so individuals who have already been charged
with rioting.
…“The government has no interest in records relating to
the 1.3 million IP addresses that are mentioned in
DreamHost’s numerous press releases and opposition briefs,” prosecutors wrote
in their filing. Prosecutors also said
that they would “set aside” and seal any information obtained from DreamHost
that is not originally sought after and specifically in the warrant. Prosecutors, however, did say they could
revisit such information obtained but would only do so with a court order.
…Prosecutors are
seeking membership discussion lists associated with the website, as well as
more than 2,000 photographs associated with the site. Prosecutors are also asking for unpublished
material such as “draft blog posts” and “hundreds” of other images.
Walmart, Google Partner to Make Shopping Even Easier – Here’s
How
Today, we’re announcing an exciting partnership with Google … Starting in late September, we’ll be working
with Google to offer hundreds of thousands of items for voice shopping via
Google Assistant – the largest number of items currently offered by a retailer
through the platform.
…This will enable
us to deliver highly personalized shopping recommendations based on customers’
previous purchases, including those made in Walmart stores and on Walmart.com. To take advantage of this personalization,
customers only need to link their Walmart account to Google Express.
Perspective. Could this
eventually replace Estonia’s paper currency and become as solid as the US
Dollar?
Estonia is considering taking advantage of the
cryptocurrency hype to do an initial coin offering (ICO) for its own country.
Kaspar Korjus, a representative for the Baltic country, wrote
that if investors showed enough interest, Estonia would issue its own
cryptocurrency to raise funds.
Estonia already has an “e-residency” program where anyone
in the world can become a digital resident of the country, allowing them to
open a business there. It sees issuing a
coin as the next step in advancing its economy and expanding its global
presence.
…It’s unclear how
an "estcoin" would differ from other cryptocurrencies that already
exist, though.
“By using our APIs, companies and even other countries
could accept these same tokens as payment,” Korjus wrote. “It will also be possible to build more
functions on top of the estcoins and use them for more purposes, such as smart
contracts and notary services.”
Kids not texting you back? There’s an app to stop all that
ReplyASAP, an app currently available only on Android
devices, allows you to send messages to any phone connected through the app. According to its website, a message appears on
the recipient’s phone – no matter if they’re playing a game, sending messages
or streaming entertainment – and makes noises (even if the phone is on silent)
until the message is read, upon which the sender is notified.
Just like any other massive cloud platform, AWS hosts a
variety of publicly accessible data. For instance, you can find huge 100 million
strong datasets of Creative Commons images and videos from Flickr. Access it with the help of the YFCC100m
Browser.
Try a search with Google. You will be surprised by the massive amount of
public documents you can find on AWS. One
of the quickest ways to search AWS for PDF files is to use good old Google
and one of its advanced search operators.
Identity Thieves Hijack Cellphone Accounts to Go After
Virtual Currency
Hackers have discovered that one of the most central
elements of online security — the mobile phone number — is also one of the
easiest to steal.
In a growing
number of online attacks, hackers have been calling up Verizon,
T-Mobile U.S., Sprint and AT&T and asking them
to transfer control of a victim’s phone number to a device under the control of
the hackers.
Once they get
control of the phone number, they can reset the passwords on every account that
uses the phone number as a security backup — as services like Google, Twitter
and Facebook suggest.
…But a
particularly concentrated wave of attacks has hit those with the most obviously
valuable online accounts: virtual currency fanatics like Mr. Burniske.
Within minutes
of getting control of Mr. Burniske’s phone, his attackers had changed the
password on his virtual currency wallet and drained the contents — some
$150,000 at today’s values.
Most victims of
these attacks in the virtual currency community have not wanted to acknowledge
it publicly for fear of provoking their adversaries. But in interviews, dozens of prominent people
in the industry acknowledged that they had been victimized in recent months.
Another Hack that is so simple you wonder why more people
don’t try it.
Last month, CCN reported on CoinDash’s ICO being hacked.
Hackers
managed to change the address on its website and made over $9
million. Now, despite not making as much
money, a hacker managed to compromise Enigma before its ICO in a similar way,
and has netted over 1,500 Ether (over $500,000) from the community.
Enigma, a project started by MIT
graduates whose ICO was scheduled for September, didn’t lose any money itself,
as the hacker only managed to get his hands on the company’s website, mailing
list, and Slack group.
Unfortunately, with most fine print being exceedingly wordy, it can be a
challenge to wade through all the legalese and understand what it all means. That’s where TOSDR comes in.
TOSDR (Terms of Service Didn’t Read) is a site that breaks
down and rates the terms and conditions on numerous sites. Sites are rated from Class A (very good) to
Class E (very bad). In addition, TOSDR
points out the good and bad things about each site, giving you insight into how
they are rated.
Perspective. Middle
of the road is boring! But do Facebook
followers translate into votes?
Pew – “The most liberal and conservative members of the
115th Congress have attracted more Facebook followers than moderates, according
to a new Pew Research Center analysis. In both legislative chambers, members’
ideology is a strong predictor of the number of people who follow them on
Facebook. The most liberal and most
conservative House members had a median of 14,361 followers as of July 25,
compared with 9,017 followers for those in the middle of the ideological
spectrum. The median number of followers
for the Senate’s most liberal and conservative lawmakers was 78,360, while
moderates had 32,626. (These figures
reflect each member’s total number of followers since the creation of their
official Facebook page, not the number gained since the 115th Congress began.) The Center’s analysis determines each lawmaker’s
ideology based on a score calculated through their congressional roll call
votes. This widely
employed measure, created by two political scientists in the 1980s, assigns
each member a score that falls between -1 (most liberal) and +1 (most
conservative)…”
Perspective. Facebook: The Social Network for old people?
Instagram, Snapchat Adoption Still Surging in US and UK
…eMarketer has
reduced its usage estimates for US monthly Facebook users ages 12 to 17 and 18
to 24. Yet for the same age groups, we
have kept unchanged or adjusted higher our usage estimates for Snapchat and
Instagram, suggesting younger social network users are turning away from
Facebook in favor of other platforms.
Facebook’s community of monthly users in the US will grow
2.4% this year to 172.9 million people, a figure slightly higher than
previously forecast due to increased
adoption by older internet users.
But the social network’s monthly user base among the
marketer-coveted 12 to 17 age group will fall 3.4% vs. 2016 to 14.5 million
people—the second consecutive year of expected usage declines by this group and
one that will have accelerated from the 1.2% slip seen in 2016.
…“We see teens
and tweens migrating to Snapchat and Instagram. Both platforms have found success with this
demographic since they are more aligned with how they communicate—that is,
using visual content.
Center for Data Innovation: “Artificial intelligence (AI)
has the potential to dramatically transform huge swathes of the economy and
society for the better, and as the technology continues to
make headlines many countries are developing plans to ensure they can take full
advantage of these benefits. Below is a
high-level overview of a number of national-level policies some countries have
undertaken to take advantage on the technology. While it is not intended to be an exhaustive
list of every policy initiative countries have launched around AI, it is meant
to show the most significant ones. Canada,
China, Japan, the United Kingdom, and the United States have all taken
high-profile steps towards advancing AI over the past two years. These range from prospective research about
the potential impacts of AI to large amounts of funding and ambitious strategic
plans to bolster national capacity to take advantage of the technology. While it appears the United States is the
early leader in developing and adopting AI, many other countries are working
diligently to surpass it as they recognize the importance that this technology
will have on economic competitiveness…”
But of course, Mark is not running for office… Will Trump start bad-mouthing Facebook?
Trump reportedly eyeing Zuckerberg as a 2020 threat
President Trump apparently sees Facebook CEO Mark
Zuckerberg as a threat to his reelection campaign in 2020.
Zuckerberg is a part of a list of potential 2020
Democratic challengers whom Trump is watching, Politico
reported Monday. The list includes
dozens of individuals who could throw their hat in the ring for the
presidential race, including Sen. Elizabeth Warren (D-Mass.).
On the Republican side, Trump allies are reportedly
keeping an eye on a possible primary challenge from Ohio Gov. John Kasich.
I live in Centennial Colorado. (I'm not actually 100 years old, but I hope to be some day.) I'm an independent computer consultant, specializing in solving problems that traditional IT personnel tend to have difficulty with... That includes everything from inventorying hardware & software, to converting systems & data, to training end-users. I particularly enjoy taking on projects that IT has attempted several times before with no success. I also teach at two local Universities: everything from Introduction to Microcomputers through Business Continuity and Security Management. My background includes IT Audit, Computer Security, and a variety of unique IT projects.