When
my ethical hackers show up in new cars…
Hackers
Can Clone Millions of Toyota, Hyundai, and Kia Keys
Over
the past few years, owners of cars with keyless start systems have
learned to worry about so-called relay attacks, in which hackers
exploit radio-enabled keys to steal
vehicles without leaving a trace.
Now it turns out that many millions of other cars that use
chip-enabled mechanical keys are also vulnerable to high-tech theft.
A few cryptographic flaws combined with a little old-fashioned
hot-wiring—or even a well-placed screwdriver—lets hackers clone
those keys and drive away in seconds.
Quis
custodiet ipsos custodes? Don’t
you feel safer knowing DHS is on the job?
Former
DHS Acting Inspector General Indicted for Stealing Database with
Personnel Information
The
16-count indictment includes charges of theft of proprietary software
and intent to defraud the U.S. government.
Another
one for the Disaster Recovery lecture. Imagine all evils.
India’s
Yes Bank breakdown disrupts Walmart’s PhonePe among a dozen other
services
Tens
of millions of merchants and users in India are struggling to make
online transactions and use several popular services after the
nation’s central bank seized
control of Yes Bank,
the fourth largest lender in the country.
The
emergency takeover of the private sector bank has taken off several
financial startups that rely on it to facilitate services such as
processing QR codes, point-of-sale terminals as well as transactions
through popular UPI
infrastructure.
Leading
payments app PhonePe, owned by e-commerce giant Walmart, has been
inaccessible to tens of millions of its users since Thursday evening
(local time). The startup said in a statement that it was working to
restore its services and has solved
some of the issues for
its merchant partners.
… In
a tweet, Nigam said the startup had multiple redundancies in place,
but “never imagined
[that] the bank itself would go totally dark like this.
Lesson learnt in the hardest possible way.
Easy
encryption. (Sorry FBI)
How
to Encrypt and Decrypt Text Strings with JavaScript
A
simple method for encrypting and decrypting text strings and
passwords in JavaScript and Google Apps Script
There
must be a reason… Oh, wait… Apparently there does not need to
be a reason.
Trump
Administration Orders Shiji to Sell Hotel Tech Firm StayNTouch
The
Trump Administration on Friday demanded that Beijing Shiji
Information Technology, whose international arm is known as Shiji
Group,
unwind its acquisition of StayNTouch, a maker of hotel operational
software.
President
Donald Trump said the acquisition of the U.S.-based startup might
“threaten
to impair the national security of the United States.”
The order didn’t explain details of the threat.
Faster
than the Coronavirus?
Live
Facial Recognition Is Spreading Around the World
… Today
in the United States, this isn’t the norm. While it’s become
common for law enforcement, from local police to the federal
government, to use facial recognition, it’s
often used retrospectively.
That means instead of scanning everyone’s face whose face appears
in a live video, they analyze an image of a suspect’s face from a
crime scene and compare it against a mugshot database, or some other
database of face images, to find out who it is.
But
that reluctance to embrace live facial recognition is changing — it
already has changed around the world. We’ve seen that in Surat,
India.
And Buenos
Aires, Argentina,
live facial recognition is already here.
… Privacy
advocates oppose live facial recognition, especially in body cameras
worn by police. “Body cameras were promised to communities as a
tool for officer accountability. They should not be twisted into
surveillance systems to be used against communities,” the ACLU
wrote on Twitter in response to OneZero’s story.
(Related)
India
authorizes roll out of automated biometric facial recognition in
police investigations
India’s
National Crime Records Bureau (NCRB)
is now allowed to use a biometric automated facial recognition system
(AFRS) to identify suspects, bodies and missing people, writes the
Times
of India,
after India’s Home Ministry officially informed the Rajya Sabha
(India’s upper legislative house) about the decision.
The
AFRS will
only use police records
and can only be accessed by police officers, the institution said
insisting on the importance of ensuring citizens’ privacy.
Implementation approval was confirmed in writing by Union Minister of
State for Home Affairs G Kishan Reddy. The NCRB sought in November
to assure privacy advocates that the system will not violate the
principle of consent, and will be subject to strict
operational safeguards.
I’ll
tell my niece and nephew, if they ever take those earbuds out.
Stream
Music for Free With These 5 Little-Known Apps