If a hacker hacks another hacker, is that like
“the enemy of my enemy is my friend?”
Joseph Cox reports:
Last week, Motherboard reported that a vigilante hacker had stolen data from a hacking group that researchers say is a government-linked cyberespionage unit. The data included GPS locations, text messages, and phone calls that the group had taken from their own victims. Now, that hacker has seemingly published the stolen data online for anyone to download.
Read more on Motherboard.
Could make for an interesting discussion in my
Software Architecture class.
A global interpretation of US v Microsoft? “If
you want access to our data, we want access to your data.” Whose
laws must I obey?
Digital
Free for All Part Deux: European Commission Proposal on E-Evidence
The European Commission has released a proposal to
enable EU-member states’ law enforcement authorities to access
digital information regardless of where that data is stored. It
shares several of the practical and human rights problems as the
similar piece of U.S. legislation known as the CLOUD
Act, as well raising fresh concerns of its own.
The proposal, labelled “E-evidence
– cross-border access to electronic evidence” is now heading
to the European Parliament and Council for debate. The EU
institutions should review this measure closely before amplifying the
errors of the CLOUD Act and raising new problems for cross-border
access to electronic evidence. Left unchanged, the Commission
proposal will make a difficult situation worse.
What
Does the Proposal Mean for Digital Rights?
There will be a lot to debate in the Commission’s
proposal as it winds through the EU legislative process. However,
two initial areas of concern should be addressed swiftly by EU
institutions. First is the fact that this proposal could usher in
paradigm shift in the system cross-border access to data in criminal
investigations, risking a digital free for all and eliminating
critical junctures for judicial review of law enforcement requests
for data. The second concern centers around the proposal’s failure
to adequately safeguard human rights. We at EPIC pointed to
precisely these risks in our amicus
brief in the now mooted United States v. Microsoft case
concerning U.S. law enforcement access to data stored in Ireland.
Not quite tossing the baby with the bathwater, but
then this is only one example.
Deleted
WHOIS Data: An Unintended Consequence of GDPR
… As
security professionals, next week we can expect to see another
example of an unintended consequence when the General
Data Protection Regulations (GDPR) goes into effect. There are
actually a few unintended consequences from these new regulations,
but one of the most concerning is the upcoming response that domain
registrars are discussing through the global body the Internet
Corporation for Assigned Names and Numbers (ICANN). As the name
suggests, ICANN is responsible for maintaining the rules for WHOIS
data – essentially, a telephone directory-like structure that
contains detailed information on who signed up for a specific
Internet domain, including their name, address, email address and
telephone number. Such data is subject to the GDPR’s privacy
requirements for protection. As a result, under current proposals,
many of the businesses that register domains will remove key elements
of information from the system. In
effect, on May 25 the system will “go dark” until alternative
preparations are made, which ICANN representatives expect won’t
start being implemented until December 2018.
… Without
access to this critical resource, combatting criminal behavior on the
Internet becomes much more difficult. To make matters worse, during
the intervening months before an alternative solution for
GDPR-compliant access is available, attackers will be able to exploit
this new-found anonymity to their advantage. We may see an uptick in
spam and, more generally, in criminal activity. As we alter our
methods for data handling, we could be exposing the very individuals
we are striving to protect, to additional risk.
I wonder what information Google gathers from
this?
Google
Offers Free DDoS Protection for U.S. Political Organizations
Jigsaw,
an incubator run by Google parent Alphabet, this week announced the
availability of Project Shield – which offers free distributed
denial of service (DDoS) protections – for the U.S. political
community.
Opened
in February 2016
to
independent, under-resourced news sites, Project Shield helps protect
free speech by fending off crippling DDoS assaults.
… In
March last year, Google and Jigsaw announced a partnership to
offer Protect Your Election,
tools that would help news organizations, human rights groups, and
election monitoring sites fend off not only DDoS assaults, but also
phishing and account takeover attempts.
This
week, Jigsaw revealed
that
Project Shield is now available for free to “U.S. political
organizations registered with the appropriate electoral authorities,
including candidates, campaigns, section 527 organizations, and
political action committees.”
Is the system smart enough to recognize that the
plate does not match the car?
Law
enforcement can identify your vehicle by make, model, year, color,
features via new software
News
release: “Leonardo’s ELSAG ALPR solutions are used by nearly
4,000 customers in over 25 countries by local, state, and federal law
enforcement agencies. Leonardo will introduce two new Automatic
License Plate Recognition (ALPR) solutions at the 2018 IACP
Technology Conference on May 21-23 in Providence, Rhode Island. The
ELSAG MTC and ECSS will be on display during the conference… After
years of research and development, Leonardo is proud to introduce
Make, Type and Color Recognition feature called ELSAG MTC to their
ELSAG Enterprise Operation Center (EOC). Using advanced computer
vision software, ELSAG ALPR data can now be processed to
include the vehicle’s make, type – sedan, SUV, hatchback, pickup,
minivan, van, box truck – and general colour – red, blue, green,
white and yellow. The solution actively recognizes the 34 most
common vehicle brands on U.S. roads.” [emphasis added]
Perspective.
Virtual
digital assistants to overtake world population by 2021
Ovum:
“Globally, the native digital assistant installed base is set to
exceed 7.5 billion active devices by 2021, which is more than the
world population according to the US Census Bureau on May 1, 2017.
But fear not – Skynet, from the popular Terminator movies, does not
feature among the leading digital assistants. Instead, Google
Assistant will dominate the voice AI–capable device market with
23.3% market share, followed by Samsung’s Bixby (14.5%), Apple’s
Siri (13.1%), Amazon’s Alexa (3.9%), and Microsoft’s Cortana
(2.3%). Ovum’s Digital Assistant and Voice AI–Capable Device
Forecast: 2016–21 found that smartphones and tablets clearly
lead the voice AI–capable device market, with 3.5 billion active
devices in 2016, most of which use Google Now and Apple Siri.
However, the use of AI in conjunction with other devices greatly
increases consumer engagement and is set to unlock new opportunities,
particularly in the home. Ovum expects an exponential uptake of
voice AI capabilities among new devices, including wearable, smart
home, and TV devices, with a combined installed base of 1.63 billion
active devices in 2021, a tenfold increase on 2016. Despite all the
hype that surrounds AI-capable connected speakers, TV devices (i.e.
smart TVs, set-top boxes, and media streamers) offer a larger
opportunity, accounting for 57% of that installed base in 2021…”
(Related). If Alexa starts talking to itself in
eight voices, can it order itself to ‘kill the humans?’
Alexa
developers get 8 free voices to use in skills, courtesy of Amazon
Polly
Now Alexa’s voice apps don’t have to sound
like Alexa. Amazon today is offering a way for developers to give
their voice apps a unique character with the
launch of eight free voices to use in skills, courtesy of the
Amazon Polly service. The voices are only available in U.S. English,
and include a mix of both male and female, according to Amazon
Polly’s website.
… To use an Amazon Polly voice instead,
developers would use Structured Speech Markup Language (SSML) and
then specify which voice they want with the “voice name” tag.
This makes it easier to adjust what is said, as developers could just
change the text instead of having to re-record an mp3.
Different cultures. Contrast with the NY subway
system.
Japanese
train firm apologises for leaving 25 seconds early
A Japanese rail company has apologised for one of
its trains leaving a station 25 seconds early, terming the incident
as a great inconvenience placed upon customers which was truly
inexcusable. What is more concerning to the Japanese, is that, in
the past months, this is not the first time this has happened with
West Japan Railways, also known as JR West. In November, a train
left 20 seconds early. The train pulled away from the Notogawa
Station platform at the 35th second of 7:11a.m. instead of the
scheduled 7:12a.m. after the conductor allegedly saw nobody on the
platform and figured that nobody would be affected by the 25 second
difference. However, one of the stranded passengers escalated their
complaint to the HeadQuarters.
My students seem eager to get rid of their
textbooks…
BookScouter
BookScouter helps you sell textbooks and used
books for the most money by comparing offers from over 35 book
buyback vendors with a single search.
No comments:
Post a Comment