Another example of poor design preventing good
security.
A Google engineer discovered a vulnerability in
the third-party system controlling access to doors across its campus
in Sunnyvale, California, and took the opportunity to prove that he
could bypass any RFID keycard-operated lock in the facility,
Forbes reported on Monday.
According to Forbes, employee David Tomaschik
discovered that Software
House devices connected to Google’s network used an unsecure,
hardcoded encryption key, and launched the attack to prove
the consequences that could arise
… Tomaschik was also able to use his knowledge
of the vulnerability to impede other Google staffers’ access to
parts of the building. Worst of all, he could do all of this without
leaving any trace
… The Software House devices’ design has
since been updated to increase security, though the
original devices cannot be updated by any method short of a hardware
replacement due to memory restrictions, Forbes added.
No one is at fault? Why wasn’t the bank looking
at the same things the “Dutch authorities” found?
ING fined €775m for lax crime prevention
Dutch bank ING has agreed to pay fines and other
payments of €775m ($897m; £698m) after admitting errors in its
policies to stop financial crime.
The bank said it regretted that its mistakes had
let some customers use their accounts for things such as money
laundering between 2010 and 2016.
… An investigation by Dutch authorities found
no evidence that any ING staff had helped customers who may have used
banking services for potential criminal activities.
It ruled that the errors were not down to
individuals, but more the fault of "collective shortcomings at
all responsible management levels".
Despite this, ING has started measures against a
number of former senior employees, including holding back some of
their financial packages.
In a statement, Dutch prosecutors said: "Clients
for years were able to make use of ING bank accounts for criminal
activities pretty much undisturbed.
(Related) Bad advice from their lawyers or just a
risk they were willing to take?
SocGen expects around $1.27 billion in U.S. sanctions penalties
France’s Societe Generale expects penalties
relating to its dispute with U.S. authorities over international
sanctions violations to be close to 1.1 billion euros ($1.27 billion)
which would almost entirely be covered by provisions.
… The last case that remains to be settled
relates to dollar transfers made on behalf of entities based in
countries subject to U.S. economic sanctions.
… In June, it agreed to pay $1.3 billion to
authorities in the U.S. and France to end the disputes over
transactions made with Libya and over the suspected rigging of Libor,
a key interest rate used in contracts worth trillions of dollars
globally.
Seems like a natural consequence of the effort to
‘sanitize’ the public discussion.
Facebook’s Private Groups Offer Refuge to Fringe Figures
… In recent months, though, he and other
large-scale purveyors of inflammatory speech have found refuge in
private groups, where they can speak more openly with less fear of
being punished for incendiary posts.
Several private Facebook groups devoted to QAnon, a sprawling
pro-Trump conspiracy theory, have thousands of members.
Regional chapters of the Proud Boys, a right-wing nationalist group
that Twitter suspended last month for its “violent extremist” nature,
maintain private Facebook groups, which they use to vet new members.
And anti-vaccination groups have thrived on Facebook, in part because
they are sometimes recommended to users by the site’s search results
and “suggested groups” feature.
… When it comes to public-facing pages, Ms.
Sandberg will have plenty of company actions to cite. Facebook has
taken many steps to clean up its platform, including hiring thousands
of additional moderators, developing new artificial-intelligence
tools and breaking up coordinated influence operations ahead of the
midterm elections.
But when it comes to more private forms of
communication through the company’s services — like Facebook
groups, or the messaging apps WhatsApp and Facebook Messenger — the
social network’s progress is less clear.
Some experts worry that Facebook’s public cleanup may be pushing more
toxic content into these private channels, where it is harder to
monitor and moderate.
A question from ignorant me: Does the EU produce
30% of the world’s “content”? Apparently, the answer is NO.
Local Product Quotas for Netflix, Amazon to Become Law, EU Official Says
(EXCLUSIVE)
Quotas obligating Netflix, Amazon and other streaming services
operating in the European Union to dedicate at least 30% of their
on-demand catalogs to local content are set to become enshrined in
law soon.
Roberto Viola, head of the European Commission
department that regulates communications networks, content and
technology, said the new rules, which will also demand visibility and
prominence of European product on streamers, are on track to be
approved in December.
“We just need the final vote, but it’s a mere formality,” he told
Variety at the Venice Film Festival.
Netflix, Amazon and other streamers will be required to fund TV
series and films produced in Europe by commissioning content,
acquiring it or paying into national film funds through a small
surcharge added to their subscription fee, something which is already
happening in Germany. Netflix tried unsuccessfully to fight the
German surcharge in court.
For my students who fear local retail is doomed.
Lessons learned from rise of e-commerce breathe new life into retail stores
… From the garden section at Walmart to the
diamond counters at Tiffany & Co., old-school retailers are
experiencing some of their
best sales growth in years.
… The boom also reflects a broad reordering of
the $3.5 trillion industry, with fewer retailers capturing more of
the gains. Stores that have learned how to match the ease and
instant gratification of e-commerce shopping are flourishing, while
those that have failed to evolve are in bankruptcy or on the brink.
“The retailers that get it recognize that Amazon
has forever changed consumer behavior,” said Barbara Kahn, a
marketing professor and former director of the retailing center at
the Wharton School. “I shouldn’t have to work to shop.”
Many successful stores are now a cross between a
fast-food drive-through and a hotel concierge.
Target’s shoppers can order sunscreen or a
Tokidoki Unicorno T-shirt on their phone, pull up to the parking lot
and have the items brought to their car.
Nordstrom lets customers in some stores make
returns by dropping their items into a box and walking out — no
human interaction required.
Walmart is employing 25,000 “personal shoppers”
to select and package groceries for curbside pickup.
In recent weeks, all three retailers reported
stronger-than-expected sales growth for the quarter. Traffic to
Target’s stores and online sites grew at its fastest pace since the
company began keeping a record a decade ago.
… Retailers have been tweaking their store and
online strategies for years. But it’s only recently that Amazon’s
blistering success has prodded the incumbents to try to reinvent
themselves.
Kahn of the Wharton School said retailers could have made these
improvements decades ago if they had focused on what shoppers wanted.
Good luck. But then, if you are making the
Grants, you should dictate the rules.
Radical open-access plan could spell end to journal subscriptions
Research funders from France, the United Kingdom,
the Netherlands and eight other European nations have unveiled
a radical open-access initiative that could change the face of
science publishing in two years — and which has instantly provoked
protest from publishers.
The 11 agencies, who together spend €7.6 billion
(US$8.8 billion) in research grants annually, say they will mandate
that, from 2020, the scientists they fund must make resulting papers
free to read immediately on publication (see ‘Plan S players’).
The papers would have a liberal publishing licence that would allow
anyone else to download, translate or otherwise reuse the work. “No
science should be locked behind paywalls!” says a preamble document
that accompanies the pledge, called Plan S, released on 4 September.
For the student toolkit.
Visualizing Data in 3D
Visualizing Data in 3D – “Microsoft has published a free data
visualization tool called Charts 3D that allows PC and Surface Hub
users to create 3D visualizations of multi-axis data without knowing
how to code. After users import datasets, Charts 3D generates an
interactive graphic, such as a geospatial plot, scatter plot, or line
graph. Users can filter their data, switch between 3D and 2D, and
alter the visualizations using voice commands.”