Vodafone discovers hidden backdoors in Italy’s Huawei infrastructure
Vodafone discovers hidden backdoors in Italy’s Huawei infrastructure
Zak Doffman Cybersecurity
the Times reported that such evidence exists, it has just not been openly published.
Joy Tan, Huawei’s chief global communicator, told methat “the assumption that the Chinese government can potentially interfere in Huawei’s business operation is completely not true. Huawei is a private company. The Chinese government does not have any ownership or any interference in our business operations.”
The CIA has now directly refuted this.
Tan insisted that “China does not have any law to force any company or business to install a back door. Premier Li Keqiang said that openly several weeks ago, the Chinese government would never do that, make any company spy.”
According to the Times source, “only the most senior U.K. officials are believed to have seen the intelligence, which the CIA awarded a strong but not cast-iron classification of certainty.” But the newspaper also reports a separate U.S. course as saying that there is a view within the U.S. intelligence community that “the Chinese ministry of state security — its principal security and espionage organization — had approved government funding for Huawei.”
February 11, 20194:50 PM ET SASHA INGBER
Russia is considering a plan to temporarily disconnect from the Internet as a way to gauge how the country’s cyberdefenses would fare in the face of foreign aggression, according to Russian media.
It was introduced after the White House published its 2018 National Security Strategy, which attributed cyberattacks on the United States to Russia, China, Iran and North Korea.
Russia’s Communications Ministry also simulated a switching-off exercise of global Internet services in 2014, according to Russian outlet RT.
Russia’s State Duma will meet Tuesday to consider the bill, according to RIA Novosti.
Roskomnadzor has also exerted pressure on Google to remove certain sites on Russian searches.
Director of National Intelligence Dan Coats told Congress last month that Russia, as well as other foreign actors, will increasingly use cyber operations to “threaten both minds and machines in an expanding number of ways—to steal information, to influence our citizens, or to disrupt critical infrastructure.”
My note: In the past, the US actions prompted other countries to consider the same:
Germanty – http://blog.stcloudstate.edu/ims/2014/07/01/privacy-and-surveillance-obama-advisor-john-podesta-every-country-has-a-history-of-going-over-the-line/
more on cybersecurity in this IMS blog
more on surveillance in this IMS blog
The most secure and anonymous communication tools available
David Koff August 27 2018
These tools are used not only to lock down your security and anonymity on the known internet, but also to access the portions of the internet that are normally hidden — “The Dark Web.”
most of us don’t need the same high-privacy, high-security tools that confidential informants, journalists, and whistleblowers use, we should all know about these tools in case the time comes when we actually need them.
It’s also worth reminding everyone there’s no such thing as perfect digital security on the internet.
TAILS is an acronym for “The Amnesic Incognito Live System.”
TAILS is a highly-secure operating system (and a host of cool applications) designed to be booted off of a DVD or USB thumb drive. This not only makes TAILS easy to transport, but also ensures that TAILS can be booted and instantly useful from nearly any PC, Mac, or Chromebook. TAILS is built on Linux, a name you might recognize because it’s a popular, free, and open-source operating system that’s been available since 1991. TAILS, in particular, runs on a variant of Linux known as “Debian,” which became available in 1996.
Third and most importantly, when setup correctly, TAILS helps ensure that all of your communications — email, web browsing, chat, and more — are encrypted, made anonymous, and then routed in such a way that it’s extremely difficult to detect or trace them.
If you’re wondering just how powerful these tools really are, many of them are known by the NSA to be difficult or impossible to break. This includes:
TAILS even published a page of possible ways that its own security can be compromised.
Whonix (pronounced “HOOnix”) is an OS focused on anonymity, privacy, and security. Like TAILS, it is built on the open source Debian Linux OS and on TOR, the decentralized network which randomizes and segments your data transmissions.
Its unique approach to offering such well-regarded security is the creative use of two virtual machines (or VMs) running in tandem on one host computer. One of these VMs is known as the Gateway while the other is known as the Workstation.
Compared to TAILS, Whonix only provides a few free, open-source applications and those need to be set up fairly extensively. The list includes:
Nicholas Waller JANUARY 9, 2019
Investigators traced the man through digital tracks he left on the internet, as well as by speaking to witnesses, including another unnamed 19-year-old man that the hacker had communicated with via an encrypted messaging service. The hacker, who used the pseudonyms “G0t” and “Orbit”, was arrested on January 6 after investigators searched his home.
“Bad passwords were one of the reasons he had it so easy,” Seehofer said. “I was shocked at how simple most passwords were: ‘ILoveYou’, ‘1,2,3’. A whole array of really simple things.”
The latest incident comes just over a month after German security officials detected a major cyber attack against the email accounts of German lawmakers, as well as the military, and several German embassies by a Russian hacker group with ties to Moscow’s military intelligence wing, the GRU.
That attack occurred less than a year after the BfV, Germany’s intelligence service, said the Russian government was behind a cyberattack on German computer networks that was discovered in December 2017 and was also linked to the same hacker group that carried out the November 2018 breach.
more on cybersecrurity in this IMS blog
This week in security fails: AI can create artificial fingerprints that unlock fingerprint scanners
Posted by NowThis Future on Friday, November 16, 2018
more on AI in this IMS blog
<h3 “>Sharpen the digital transformationstrategy for your business.
Enroll today in Digital Transformation: From AI and IoT to Cloud, Blockchain, and Cybersecurity
In a rapidly expanding digital marketplace, legacy companies without a clear digital transformation strategy are being left behind. How can we stay on top of rapid—and sometimes radical—change? How can we position our organizations to take advantage of new technologies? How can we track and combat the security threats facing all of us as we are swept forward into the future?
<h3 “>Your Learning Journey
This online program takes you through the fundamentals of digital technologies transforming our world today. Led by MIT faculty at the forefront of data science, participants will learn the history and application of transformative technologies such as blockchain, artificial intelligence, cloud computing, IoT, and cybersecurity as well as the implications of employing—or ignoring—digitalization.
Artificial intelligence could have a profound impact on learning, but it also raises key questions.
By Dennis Pierce, Alice Hathaway 08/29/18
Artificial intelligence (AI) and machine learning are no longer fantastical prospects seen only in science fiction. Products like Amazon Echo and Siri have brought AI into many homes,
Kelly Calhoun Williams, an education analyst for the technology research firm Gartner Inc., cautions there is a clear gap between the promise of AI and the reality of AI.
Artificial intelligence is a broad term used to describe any technology that emulates human intelligence, such as by understanding complex information, drawing its own conclusions and engaging in natural dialog with people.
Machine learning is a subset of AI in which the software can learn or adapt like a human can. Essentially, it analyzes huge amounts of data and looks for patterns in order to classify information or make predictions. The addition of a feedback loop allows the software to “learn” as it goes by modifying its approach based on whether the conclusions it draws are right or wrong.
AI can process far more information than a human can, and it can perform tasks much faster and with more accuracy. Some curriculum software developers have begun harnessing these capabilities to create programs that can adapt to each student’s unique circumstances.
For instance, a Seattle-based nonprofit company called Enlearn has developed an adaptive learning platform that uses machine learning technology to create highly individualized learning paths that can accelerate learning for every student. (My note: about learning and technology, Alfie Kohn in http://blog.stcloudstate.edu/ims/2018/09/11/educational-technology/)
GoGuardian, a Los Angeles company, uses machine learning technology to improve the accuracy of its cloud-based Internet filtering and monitoring software for Chromebooks. (My note: that smells Big Brother).Instead of blocking students’ access to questionable material based on a website’s address or domain name, GoGuardian’s software uses AI to analyze the actual content of a page in real time to determine whether it’s appropriate for students. (my note: privacy)
serious privacy concerns. It requires an increased focus not only on data quality and accuracy, but also on the responsible stewardship of this information. “School leaders need to get ready for AI from a policy standpoint,” Calhoun Williams said. For instance: What steps will administrators take to secure student data and ensure the privacy of this information?
more on AI in education in this IMS blog
September 6, 2018 Bernard Marr
James Dixon, the CTO of Pentaho is credited with naming the concept of a data lake. He uses the following analogy:
“If you think of a datamart as a store of bottled water – cleansed and packaged and structured for easy consumption – the data lake is a large body of water in a more natural state. The contents of the data lake stream in from a source to fill the lake, and various users of the lake can come to examine, dive in, or take samples.”
A data lake holds data in an unstructured way and there is no hierarchy or organization among the individual pieces of data. It holds data in its rawest form—it’s not processed or analyzed. Additionally, a data lakes accepts and retains all data from all data sources, supports all data types and schemas (the way the data is stored in a database) are applied only when the data is ready to be used.
What is a data warehouse?
A data warehouse stores data in an organized manner with everything archived and ordered in a defined way. When a data warehouse is developed, a significant amount of effort occurs during the initial stages to analyze data sources and understand business processes.
Data lakes retain all data—structured, semi-structured and unstructured/raw data. It’s possible that some of the data in a data lake will never be used. Data lakes keep all data as well. A data warehouse only includes data that is processed (structured) and only the data that is necessary to use for reporting or to answer specific business questions.
Since a data lake lacks structure, it’s relatively easy to make changes to models and queries.
Data scientists are typically the ones who access the data in data lakes because they have the skill-set to do deep analysis.
Since data warehouses are more mature than data lakes, the security for data warehouses is also more mature.
more on big data in this IMS blog
by Andrew Smith Thu 30 Aug 2018 01.00 EDT
Between the “dumb” fixed algorithms and true AI lies the problematic halfway house we’ve already entered with scarcely a thought and almost no debate, much less agreement as to aims, ethics, safety, best practice. If the algorithms around us are not yet intelligent, meaning able to independently say “that calculation/course of action doesn’t look right: I’ll do it again”, they are nonetheless starting to learn from their environments. And once an algorithm is learning, we no longer know to any degree of certainty what its rules and parameters are. At which point we can’t be certain of how it will interact with other algorithms, the physical world, or us. Where the “dumb” fixed algorithms – complex, opaque and inured to real time monitoring as they can be – are in principle predictable and interrogable, these ones are not. After a time in the wild, we no longer know what they are: they have the potential to become erratic. We might be tempted to call these “frankenalgos” – though Mary Shelley couldn’t have made this up.
Twenty years ago, George Dyson anticipated much of what is happening today in his classic book Darwin Among the Machines. The problem, he tells me, is that we’re building systems that are beyond our intellectual means to control. We believe that if a system is deterministic (acting according to fixed rules, this being the definition of an algorithm) it is predictable – and that what is predictable can be controlled. Both assumptions turn out to be wrong.“It’s proceeding on its own, in little bits and pieces,” he says. “What I was obsessed with 20 years ago that has completely taken over the world today are multicellular, metazoan digital organisms, the same way we see in biology, where you have all these pieces of code running on people’s iPhones, and collectively it acts like one multicellular organism.“There’s this old law called Ashby’s law that says a control system has to be as complex as the system it’s controlling, and we’re running into that at full speed now, with this huge push to build self-driving cars where the software has to have a complete model of everything, and almost by definition we’re not going to understand it. Because any model that we understand is gonna do the thing like run into a fire truck ’cause we forgot to put in the fire truck.”
Walsh believes this makes it more, not less, important that the public learn about programming, because the more alienated we become from it, the more it seems like magic beyond our ability to affect. When shown the definition of “algorithm” given earlier in this piece, he found it incomplete, commenting: “I would suggest the problem is that algorithm now means any large, complex decision making software system and the larger environment in which it is embedded, which makes them even more unpredictable.” A chilling thought indeed. Accordingly, he believes ethics to be the new frontier in tech, foreseeing “a golden age for philosophy” – a view with which Eugene Spafford of Purdue University, a cybersecurity expert, concurs. Where there are choices to be made, that’s where ethics comes in.
our existing system of tort law, which requires proof of intention or negligence, will need to be rethought. A dog is not held legally responsible for biting you; its owner might be, but only if the dog’s action is thought foreseeable.
model-based programming, in which machines do most of the coding work and are able to test as they go.
As we wait for a technological answer to the problem of soaring algorithmic entanglement, there are precautions we can take. Paul Wilmott, a British expert in quantitative analysis and vocal critic of high frequency trading on the stock market, wryly suggests “learning to shoot, make jam and knit”
The venerable Association for Computing Machinery has updated its code of ethics along the lines of medicine’s Hippocratic oath, to instruct computing professionals to do no harm and consider the wider impacts of their work.
more on coding in this IMS blog
1 2 3 Next