Tuesday, September 04, 2018

Another example of poor design preventing good security.
A Google engineer discovered a vulnerability in the third-party system controlling access to doors across its campus in Sunnyvale, California, and took the opportunity to prove that he could bypass any RFID keycard-operated lock in the facility, Forbes reported on Monday.
According to Forbes, employee David Tomaschik discovered that Software House devices connected to Google’s network used an unsecure, hardcoded encryption key, and launched the attack to prove the consequences that could arise
… Tomaschik was also able to use his knowledge of the vulnerability to impede other Google staffers’ access to parts of the building. Worst of all, he could do all of this without leaving any trace
… The Software House devices’ design has since been updated to increase security, though the original devices cannot be updated by any method short of a hardware replacement due to memory restrictions, Forbes added.




No one is at fault? Why wasn’t the bank looking at the same things the “Dutch authorities” found?
ING fined €775m for lax crime prevention
Dutch bank ING has agreed to pay fines and other payments of €775m ($897m; £698m) after admitting errors in its policies to stop financial crime.
The bank said it regretted that its mistakes had let some customers use their accounts for things such as money laundering between 2010 and 2016.
… An investigation by Dutch authorities found no evidence that any ING staff had helped customers who may have used banking services for potential criminal activities.
It ruled that the errors were not down to individuals, but more the fault of "collective shortcomings at all responsible management levels".
Despite this, ING has started measures against a number of former senior employees, including holding back some of their financial packages.
In a statement, Dutch prosecutors said: "Clients for years were able to make use of ING bank accounts for criminal activities pretty much undisturbed.


(Related) Bad advice from their lawyers or just a risk they were willing to take?
SocGen expects around $1.27 billion in U.S. sanctions penalties
France’s Societe Generale expects penalties relating to its dispute with U.S. authorities over international sanctions violations to be close to 1.1 billion euros ($1.27 billion) which would almost entirely be covered by provisions.
… The last case that remains to be settled relates to dollar transfers made on behalf of entities based in countries subject to U.S. economic sanctions.
… In June, it agreed to pay $1.3 billion to authorities in the U.S. and France to end the disputes over transactions made with Libya and over the suspected rigging of Libor, a key interest rate used in contracts worth trillions of dollars globally.




Seems like a natural consequence of the effort to ‘sanitize’ the public discussion.
Facebook’s Private Groups Offer Refuge to Fringe Figures
… In recent months, though, he and other large-scale purveyors of inflammatory speech have found refuge in private groups, where they can speak more openly with less fear of being punished for incendiary posts.
Several private Facebook groups devoted to QAnon, a sprawling pro-Trump conspiracy theory, have thousands of members. Regional chapters of the Proud Boys, a right-wing nationalist group that Twitter suspended last month for its “violent extremist” nature, maintain private Facebook groups, which they use to vet new members. And anti-vaccination groups have thrived on Facebook, in part because they are sometimes recommended to users by the site’s search results and “suggested groups” feature.
… When it comes to public-facing pages, Ms. Sandberg will have plenty of company actions to cite. Facebook has taken many steps to clean up its platform, including hiring thousands of additional moderators, developing new artificial-intelligence tools and breaking up coordinated influence operations ahead of the midterm elections.
But when it comes to more private forms of communication through the company’s services — like Facebook groups, or the messaging apps WhatsApp and Facebook Messenger — the social network’s progress is less clear. Some experts worry that Facebook’s public cleanup may be pushing more toxic content into these private channels, where it is harder to monitor and moderate.




A question from ignorant me: Does the EU produce 30% of the world’s “content”? Apparently, the answer is NO.
Local Product Quotas for Netflix, Amazon to Become Law, EU Official Says (EXCLUSIVE)
Quotas obligating Netflix, Amazon and other streaming services operating in the European Union to dedicate at least 30% of their on-demand catalogs to local content are set to become enshrined in law soon.
Roberto Viola, head of the European Commission department that regulates communications networks, content and technology, said the new rules, which will also demand visibility and prominence of European product on streamers, are on track to be approved in December.
“We just need the final vote, but it’s a mere formality,” he told Variety at the Venice Film Festival.
Netflix, Amazon and other streamers will be required to fund TV series and films produced in Europe by commissioning content, acquiring it or paying into national film funds through a small surcharge added to their subscription fee, something which is already happening in Germany. Netflix tried unsuccessfully to fight the German surcharge in court.




For my students who fear local retail is doomed.
Lessons learned from rise of e-commerce breathe new life into retail stores
… From the garden section at Walmart to the diamond counters at Tiffany & Co., old-school retailers are experiencing some of their best sales growth in years.
… The boom also reflects a broad reordering of the $3.5 trillion industry, with fewer retailers capturing more of the gains. Stores that have learned how to match the ease and instant gratification of e-commerce shopping are flourishing, while those that have failed to evolve are in bankruptcy or on the brink.
“The retailers that get it recognize that Amazon has forever changed consumer behavior,” said Barbara Kahn, a marketing professor and former director of the retailing center at the Wharton School. “I shouldn’t have to work to shop.”
Many successful stores are now a cross between a fast-food drive-through and a hotel concierge.
Target’s shoppers can order sunscreen or a Tokidoki Unicorno T-shirt on their phone, pull up to the parking lot and have the items brought to their car.
Nordstrom lets customers in some stores make returns by dropping their items into a box and walking out — no human interaction required.
Walmart is employing 25,000 “personal shoppers” to select and package groceries for curbside pickup.
In recent weeks, all three retailers reported stronger-than-expected sales growth for the quarter. Traffic to Target’s stores and online sites grew at its fastest pace since the company began keeping a record a decade ago.
… Retailers have been tweaking their store and online strategies for years. But it’s only recently that Amazon’s blistering success has prodded the incumbents to try to reinvent themselves.
Kahn of the Wharton School said retailers could have made these improvements decades ago if they had focused on what shoppers wanted.




Good luck. But then, if you are making the Grants, you should dictate the rules.
Radical open-access plan could spell end to journal subscriptions
Research funders from France, the United Kingdom, the Netherlands and eight other European nations have unveiled a radical open-access initiative that could change the face of science publishing in two years — and which has instantly provoked protest from publishers.
The 11 agencies, who together spend €7.6 billion (US$8.8 billion) in research grants annually, say they will mandate that, from 2020, the scientists they fund must make resulting papers free to read immediately on publication (see ‘Plan S players’). The papers would have a liberal publishing licence that would allow anyone else to download, translate or otherwise reuse the work. “No science should be locked behind paywalls!” says a preamble document that accompanies the pledge, called Plan S, released on 4 September.




For the student toolkit.
Visualizing Data in 3D
Visualizing Data in 3D – “Microsoft has published a free data visualization tool called Charts 3D that allows PC and Surface Hub users to create 3D visualizations of multi-axis data without knowing how to code. After users import datasets, Charts 3D generates an interactive graphic, such as a geospatial plot, scatter plot, or line graph. Users can filter their data, switch between 3D and 2D, and alter the visualizations using voice commands.”

