Something I warn my Computer Security students about almost every class.
A dumb security flaw let a hacker download US drone secrets
A hacker used a basic security vulnerability to access highly sensitive files relating to the US military's spy drones and tanks, new research claims. Security firm Recorded Future says it discovered a criminal attempting to sell the secret information for only a few hundred dollars on a dark web forum last month.
… The information was exposed after two members of the US military connected to the internet through Netgear routers that still used the default log-in settings for file sharing. The bypass for the routers was first discovered two years ago and devices still vulnerable haven't had their firmware updated.
One simple tool in the battle? Hey, it can’t hurt.
WhatsApp’s label for forwarded messages won’t be enough to battle fake news
Continuing its mission to help fight the spread of misinformation on its platform, WhatsApp is introducing a label to help identify forwarded messages.
Basically, if a message wasn’t composed by the sender in your conversation, it’ll have a ‘forwarded’ label at the top.
… While it’s good to see WhatsApp acting
quickly, the new feature likely won’t help much. The fact that a
message about kidnappers in one’s area is a forward (and not
originally composed by whoever sent it) may not influence recipients
to immediately assume it’s false. It could even have the opposite
effect, and encourage them to believe that if it’s been shared from
elsewhere, it might be information that should be taken seriously.
In case you’re wondering why WhatsApp can’t
simply scan the contents of messages, look for misinformation, and
censor those on its own, the reason is that your correspondence is
encrypted from end to end; the company can’t intercept messages
when it’s passing through WhatsApp servers to read them.
(Related)
Facebook Is Testing a Feature to Tell You If That DM Came from Russia
How do you really know that Facebook message came
from who you think it came from? Perhaps it’s a sockpuppet account
designed to stir up political division, or simply someone
impersonating a friend to try and entice you to send over some cash.
Now, Facebook is testing a feature that provides
additional information about direct messages from unknown contacts,
including whether an account was recently created and what sort of
phone number it used to log in.
Erin Gallagher, a
multimedia artist, provided Motherboard with a screenshot of the
new messenger warning. It says that the person sending a direct
message logged into Messenger using a phone number from Russia; that
the account was recently created; and that the unsolicited user is
different from a Facebook friend with the same name. The last point
would presumably be helpful for identifying accounts that may be
trying to impersonate other users.
Countries seem much more willing (able?) to go after technology companies.
Britain to Fine Facebook Over Data Breach
Britain's data regulator said Wednesday it will fine Facebook half a million pounds for failing to protect user data, as part of its investigation into whether personal information was misused ahead of the Brexit referendum.
… "In 2014 and 2015, the Facebook platform allowed an app... that ended up harvesting 87 million profiles of users around the world that was then used by Cambridge Analytica in the 2016 presidential campaign and in the referendum," Elizabeth Denham, the information commissioner, told BBC radio.
Wednesday's ICO report said: "The ICO's investigation concluded that Facebook contravened the law by failing to safeguard people's information."
… The ICO added that it plans to issue Facebook with the maximum available fine for breaches of the Data Protection Act – an equivalent of $660,000 or 566,000 euros.
Because of the timing of the breaches, the ICO said it was unable to impose penalties that have since been introduced by the European General Data Protection, which would cap fines at 4.0 percent of Facebook's global turnover.
In Facebook's case this would amount to around $1.6 billion (1.4 billion euros).
(Related)
Facebook Faces Australia Data Breach Compensation Claim
Facebook could face a hefty compensation bill in Australia after a leading litigation funder lodged a complaint with the country's privacy regulator over users' personal data shared with a British political consultancy.
The social networking giant admitted in April the data of up to 87 million people worldwide – including more than 300,000 in Australia – was harvested by Cambridge Analytica.
Under Australian law, all organisations must take "reasonable steps" to ensure personal information is held securely and IMF Bentham has teamed up with a major law firm to lodge a complaint with the Office of the Australian Information Commissioner (OAIO).
The OAIO launched an investigation into the alleged breaches in April and depending on its outcome, a class action could follow.
… In its statement, IMF Bentham said it appeared Facebook learned of the breach in late 2015, but failed to tell users about it until this year.
IMF investment manager Nathan Landis told The Australian newspaper most awards for privacy breaches ranged between Aus$1,000 and Aus$10,000 (US$750-US$7,500).
This implies a potential compensation bill of between Aus$300 million and Aus$3 billion.
Because we’ll be watching him like a hawk. (No
pun intended.)
SCOTUS
Watch and Yale blog annotated list of Kavanaugh dissents and
concurrences
“This site is brought to you by Jay
Pinho and Victoria
Kwan, the co-creators of SCOTUS
Map. What is this? SCOTUS
Watch tracks the public statements made by United States senators
about how they plan to vote on the Supreme Court nominee, Brett
Kavanaugh, and tallies them into a likely vote count. This
tally is based solely on their statements: we do not
make estimates or guesses based on a senator’s party affiliation or
ideology. Note that this only includes statements made by senators
after the identity of the nominee was announced.
(So, for example, Senator Doug Jones’ statement
to CNN on Sunday, July 8th would not count, as Brett Kavanaugh
had not yet been announced.)”
- See also D.C. Circuit Review – Reviewed: Brooding Spirits, Judge Kavanaugh Edition – via Notice & Comment, a blog from the Yale Journal on Regulation and the ABA Section of Administrative Law & Regulatory Practice, is managed by the Yale Journal on Regulation.
- Washington Post: Brett Kavanaugh has sided with broad views of presidential powers.
3D printers are cheap. Just saying…
DIY Guns: A
Landmark Ruling Opens the Door for Homemade Firearms
Cody Wilson makes digital files that let anyone
3-D print untraceable guns. The government tried to stop him. He
sued—and won.
Five years ago, 25-year-old radical libertarian
Cody Wilson stood on a remote central Texas gun range and pulled the
trigger on the world’s first fully
3-D-printed gun. When, to his relief, his plastic invention
fired a .380-caliber bullet into a berm of dirt without jamming or
exploding in his hands, he drove back to Austin and uploaded the
blueprints for the pistol to his website, Defcad.com.
He'd launched the site months earlier along with
an anarchist
video manifesto, declaring that gun control would never be the
same in an era when anyone can download and print their own firearm
with a few clicks. In the days after that first test-firing, his gun
was downloaded more than 100,000 times.
… Less than a week later, Wilson received a
letter from the US State Department demanding
that he take down his printable-gun blueprints or face prosecution
for violating federal export controls. Under an obscure set of
US regulations known as the International Trade in Arms Regulations
(ITAR), Wilson was accused of exporting weapons without a license,
just as if he'd shipped his plastic gun to Mexico rather than put a
digital version of it on the internet.
… Two months ago, the Department of Justice
quietly offered Wilson a settlement to end a lawsuit
he and a group of co-plaintiffs have pursued since 2015 against the
United States government. Wilson and his team of lawyers focused
their legal argument on a free speech claim: They pointed out that by
forbidding Wilson from posting his 3-D-printable data, the State
Department was not only violating his right to bear arms but his
right to freely share information. By blurring the line between a
gun and a digital file, Wilson had also successfully blurred the
lines between the Second Amendment and the First.
Perspective.
Howard
Yu, Lego Professor of Management and Innovation at
IMD Business School in Switzerland, discusses how the industrial
cluster in the Swiss city of Basel is a
unique example of enduring competitive advantage. He
explains how early dye makers were able to continually jump to new
capabilities and thrive for generations. He says the story of those
companies offers a counter-narrative to the pessimistic view that
unless your company is Google or Apple, you can’t stay ahead of the
competition for long. Yu is the author of LEAP:
How to Thrive in a World Where Everything Can Be Copied.
Perspective.
China
Internet Report 2018
“China has twice as many internet users as the
total population of the United States — and it’s growing fast.
This unique collaboration between Abacus, 500 Startups, the South
China Morning Post, will break
down everything you need to know about China’s thriving tech
industry, the big players in each field, and lay out the four
overarching trends that have emerged.”
[From the top ten report:]
1) China has nearly 3 times the number of internet users as the United States, and the gap will only widen.
4) Government policy continues to actively shape China’s tech industry.
10) China is now the world’s biggest gaming market.
Perspective. Not India?
China is
owning the future of cars. German automakers want in
Top German carmakers including BMW and Volkswagen
have inked a series of deals this week to continue developing
electric and self-driving cars in China.
The flurry of commitments coincides with a trip to
Berlin by Chinese Prime Minister Li Keqiang, but it also reflects a
growing recognition that China holds the key to the auto industry's
future.
Factories in China produced about 25 million
passenger cars last year, according to the International Organization
of Motor Vehicle Manufacturers. China is already the top market for
many global car brands, and its drivers purchase more electric
vehicles than any other country.
… "The fact that the [electric vehicle
program] is mandatory creates a virtually certain market for plug-in
vehicles in China. Elsewhere the consumer has been left to decide
and so progress has been, and will be, slower," said Al Bedwell,
a director at LMC Automotive.
Looks like a useful tool.
Kami -
Annotate and Collaborate on PDFs
Kami
is a neat service that makes it easy to annotate and comment on PDFs.
The folks at Kami describe their service as a digital pen and paper.
That is an accurate description of what the core of the service
provides. The core function of Kami provides you with a place to
draw, highlight, and type on a PDF. You can share your PDFs in Kami
and write notes in the margins for others to see and they can do the
same.
Create a
free account to start using Kami.
Once you have created your account you can import PDFs into Kami
from your Google Drive or you can import them from your desktop.
Kami can be integrated with Google Classroom to make it easy to share
annotated PDFs with your students and for them to share with you.
Kami's
core service for drawing, commenting, and annotating PDFs is free for
all users. Kami does offer the option to upgrade to a premium
account. The premium
version includes options for adding voice comments and video comments
to your PDFs. The premium version also supports conversion and use
of Word documents.
For my starving students.
7-Eleven convenience stores are handing out free
Slurpees this Wednesday, July 11, from 11 to 7, for the chain’s
annual 7-Eleven
Day.