Depressing. They suggest there is nothing we can do to eliminate
phishing success and suggest we concentrate on detecting the
resulting intrusion.
Hook, Line and Sinker: After Phish Get Caught
Phishing is nearly as old as email, but it is
still a major attack vector for cybercriminals. Some of the most
prominent cyber incidents of the past few years are the result of
phishing attempts. Despite the maturity of this problem, the
solutions proposed by the industry during the past decades haven't
been successful. At the recent Black Hat conference, several vendors
all offered the same tactic for squishing phishing: user training to
increase recognition of phishing attacks.
If that advice was going to work, it would have
started working more than a decade ago and we would not have the
scandals resulting from hacked political campaigns that have emerged
since 2016.
What was the pre-Internet equivalent? Spies
photographing the plans for new weapons? U2 overflights?
For years, the Kremlin's increasingly aggressive
hackers have reached across the globe to hit targets with everything
from simple phishing schemes to worms built from leaked NSA zero day
vulnerabilities. Now, law
enforcement agencies in the US and Europe have detailed another, far
more hands-on tactic: Snooping on Wi-Fi from a vehicle parked a few
feet away from a target office—or even from a laptop inside their
hotel.
A hardware parallel for my Software Assurance
students. Maybe all those security claims are not exactly accurate?
Watch a Homemade Robot Crack a Safe in Just 15 Minutes
A great summary Yasmin, but I would start with the
general lowering of expectations. Does anyone still believe they can
keep anything private?
Top Five Privacy Concerns of Tomorrow
Perspective.
The Internet’s keepers? “Some call us hoarders—I like to say we’re archivists”
… “I’ve got government video of how
to wash your hands or prep
for nuclear war,” says Mark Graham, director of the Wayback
Machine at the Internet Archive. “We could easily make a list of
.ppt files in all the websites from .mil, the Military Industrial
PowerPoint Complex.”
… And the immediate takeaway is that the scale
of the Internet Archive today may be as hard to fathom as the scale
of the Internet itself.
… The
archive also maintains a nearby warehouse for storing physical
media—not just books, but things like vinyl records, too. That’s
where Graham jokes the
main unit of measurement is “shipping container.” The archive
gets that much material every two weeks.
The company currently stands as the second-largest
scanner of books in the world, next to Google. Graham put the current
total above four million.
… Today,
books published prior to 1923 are free to download through the
Internet Archive, and a lot of the stuff from afterwards can be
borrowed as a digital copy.
… Of
course, the Internet Archive offers much more than text these days.
Its broadcast-news collection has more than 200 million hours with
tools such as the ability to search for words in chyrons and access
to recent news (broadcasts are embargoed for 24 hours and then
delivered to visitors in searchable two-minute chunks). The growing
audio and music portion of the Internet Archive covers radio news,
podcasting, and physical media (like a collection of 200,000
78s recently donated by the Boston Library). And as Ars has
written about, the organization boasts an
extensive classic video game collection that anyone can boot up
in a browser-based emulator for research or leisure. Officially,
that section involves 300,000-plus overall software titles, “so you
can actually play Oregon Trail
on an old Apple C computer through a browser right now—no
advertising, no tracking users,” Graham says.
… In
total, Graham says the Internet Archive adds four petabytes of
information per year (that's four million gigabytes, for context).
The organization’s current data totals 22
petabytes—but the Internet Archive actually holds on to 44
petabytes worth. “Because we’re paranoid,” Graham says.
“Machines can go down, and we have a reputation.” That NASA-ish
ethos helped the non-profit once survive
nearly $600,000 worth of fire damage—all without any archived
data loss.
If Harvard says so it must be true!
Tips for my students.
How To Email Like A CEO
… Most of us fluctuate between email,
iMessage, G-chat, Slack, Instagram, Twitter, and Facebook every few
seconds for hours on end. The amount of reading that we do is more
than ever before, but when it comes to business one thing is for
sure: The more senior you are, the faster your response time. CEOs tend to
respond faster than the majority of their employees. If you ever
email a CEO, no matter what level you are, you can expect a response
in under five minutes. If you don’t get one, I can assure you that
they immediately forwarded your email to someone else to respond to
it. Either way, it has been read.