Posts Tagged ‘security’

Google AI

Google Researchers Create AI That Builds Its Own Encryption

BY TOM BRANT OCTOBER 28, 2016 04:45PM EST

http://www.pcmag.com/news/349154/google-researchers-create-ai-that-builds-its-own-encryption

Alice and Bob have figured out a way to have a conversation without Eve being able to overhear, no matter how hard she tries.

They’re artificial intelligence algorithms created by Google engineers, and their ability to create an encryption protocol that Eve (also an AI algorithm) can’t hack is being hailed as an important advance in machine learning and cryptography.

Martin Abadi and David G. Andersen, explained in a paper published this week that their experiment is intended to find out if neural networks—the building blocks of AI—can learn to communicate secretly.

As the Abadi and Anderson wrote, “instead of training each of Alice and Bob separately to implement some known cryptosystem, we train Alice and Bob jointly to communicate successfully and to defeat Eve without a pre-specified notion of what cryptosystem they may discover for this purpose.”

same in German

Googles AI entwickelt eigenständig Verschlüsselung

von – 31.10.2016
http://www.com-magazin.de/news/verschluesselung/googles-ai-entwickelt-eigenstaendig-verschluesselung-1145175.html
Google-Forscher Martin Abadi und David G. Andersen des Deep-Learning-Projekts “Google Brain” eine neue Verschlüsselungsmethode entwickelt beziehungsweise entwickeln lassen. Die Forscher haben verschiedene neurale Netze damit beauftragt, eine abhörsichere Kommunikation aufzustellen.

++++++++++++++++
more on AI in this IMS blog:
https://blog.stcloudstate.edu/ims?s=artificial+intelligence

private versus government

Hayden calls Russian email hack ‘honorable state espionage’

By Matt Leonard Oct 18, 2016

https://fcw.com/articles/2016/10/18/hayden-email-espionage.aspx?

The Department of Homeland Security and the Office of the Director of National Intelligence issued a joint statement earlier this month that condemned Russia for the attacks.

“Do not drop this in the cyber problem box, drop this in the Russia problem box,” Hayden suggested, saying the focus should be on the actor, not the means. “And by the way, that Russian problem box needs a bigger box, there’s a lot of stuff going on.”

Though there are aspects of cybersecurity that only government can handle, most of it will be driven by the private industry, Hayden said. Government can help the private sector by getting out of the way — removing liability, enabling legal protections, sharing information and redoing the classification system.

And since the government too depends on the private sector for security innovation, Hayden said he sides with Apple regarding whether the company should have to create a back door for the FBI to bypass iPhone encryption.

+++++++++++++++++

more on surveillance, government in this IMS blog:

https://blog.stcloudstate.edu/ims?s=surveillance

denial of sleep attacks

Security Tops List of Trends That Will Impact the Internet of Things

By David Nage 02/25/16

https://campustechnology.com/articles/2016/02/25/security-tops-list-of-trends-that-will-impact-the-internet-of-things.aspx

Are you ready to deal with “denial of sleep” attacks? Those are attacks using malicious code, propagated through the Internet of Things, aimed at draining the batteries of your devices by keeping them awake.

  1. Security. threats extend well beyond denial of sleep: “The IoT introduces a wide range of new security risks and challenges to the IoT devices themselves, their platforms and operating systems, their communications, and even the systems to which they’re connected.
  2. Analytics. IoT will require a new approach to analytics. “New analytic tools and algorithms are needed now, but as data volumes increase through 2021, the needs of the IoT may diverge further from traditional analytics,” according to Gartner.
  3. Device (Thing) Management. IoT things that are not ephemeral — that will be around for a while — will require management like every other device (firmware updates, software updates, etc.), and that introduces problems of scale.
  4. Low-Power, Short-Range IoT Networks. Short-range networks connecting IT devices will be convoluted. There will not be a single common infrastructure connecting devices.
  5. Low-Power, Wide-Area Networks. Current solutions are proprietary, but standards will come to dominate.
  6. Processors and Architecture. Designing devices with an understanding of those devices’ needs will require “deep technical skills.”
  7. Operating Systems. There’s a wide range of systems out there that have been designed for specific purposes.
  8. Event Stream Processing.  “Some IoT applications will generate extremely high data rates that must be analyzed in real time.
  9. Platforms. “IoT platforms bundle many of the infrastructure components of an IoT system into a single product.
  10. Standards and Ecosystems. as IoT devices proliferate, new ecosystems will emerge, and there will be “commercial and technical battles between these ecosystems” that “will dominate areas such as the smart home, the smart city and healthcare.

drones protection

Signal-Scrambling Tech ‘Freezes’ Drones in Midair

http://news.yahoo.com/signal-scrambling-tech-freezes-drones-midair-144743892.html

A new device that can detect, target and deter commercial drones could be used to keep the flying robots away from areas where they’re not wanted, like government properties, airports or your own backyard.

The new anti-drone system has been tested in the United Kingdom, the United States and France, according to the BBC. But there’s no word yet on when or where this drone-freezing technology could be used in these countries.

Fusking

Fusking = using a program to extract files names from a website that would seem obvious. Like 1.jpg, 2.jpg, etc. http://fusking.urbanup.com/3995415#.VVNxIdIMi54.

How hackers built software to steal naked photos from hundreds of women automatically

Read more: http://www.businessinsider.com/hackers-used-photofucket-to-hack-photobucket-and-steal-naked-photos-2015-5#ixzz3a2AIkoNT

The Dark Art Of “Fusking”

http://www.buzzfeed.com/katienotopoulos/the-dark-art-of-fusking

Fusking: Photobucket Fights Back Against Peeping Toms, Sends Takedown Notice To Reddit Pages

http://www.huffingtonpost.com/2012/08/16/fusking-photobucket-takedown-notice-reddit_n_1792472.html

Wearable Tech

Sizing Up Wearable Tech and IoT in the Enterprise

https://fiberlinkcorp.webex.com/fiberlinkcorp/onstage/g.php?d=358842843&t=a

Kayla Bittner  358 842 843 Twitter:#smartoffice

Det Ansinn speaker

Android Wear (java)
Pebble (C)
Samsung Tizen (HTML5)
Apple Watch WatchKit (Swift, Objective-C support is buggy)
WatchKit is the least mature

limitations: no keyboard, no mouse, no touch screen, battery life, limited usable screen real estate, CPU performance

opportunities: hands-free, speech for text input, sensors (gyro, camera, accelerometer), gesture-based input, BLE (bluetoothSmart)

GOod wearable Design: Recognizes immediacy, leverages context of the wearer

challenging to develop good experiences for these devices.

802.11 will eat short battery life, in addition to bluetooth. Samsung Gear S will get notification even from afar, but usually smartwatch notification is paired only in immediate proximity of the bluetoothed device.
Addon –
industrial uses of wearable: tag and quickmessages, not occupying hands.
keyboard is with swipe gestures.

Frank Schloendorn, Fiberlink, speaker

build in security is limited. Jailbroken / rooted devices are at higher risk> Open to hacking, still in infancy. No real MDM (Mobile Device Management) type solutions available

Do you currently own smartwatch

Do you currently own smartwatch

no management solutions exist today. OS: Tizen, Android, PebbleOS, Apple Watch OS etc
Cameras and other sensors cant be managed, monitored (spy scenario)
Is wearable an independent device or an extension of a smartphone

Best practices:
manage the connected device, not the wearable
be aware of what data can “leak” to a wearable device
if necessary, take more extreme measures (block bluetooth, ban devices)

new security options for mobile devices linked to wearables. bypass lock screen with presence of wearable, content sensitive security.

bricksimple.com
MaaS360.com/trial

password manager

How and why to set up and use a password manager

Commit to a password manager to make your online life easier and more secure.

http://www.cnet.com/how-to/how-and-why-to-set-up-and-use-a-password-manager/

A password manager stores the passwords for your various online accounts and profiles and saves you from having to remember and enter each one each time you visit a password-protected site. Instead, your passwords are encrypted and held by your password manager, which you then protect with a master password. Since you are saved from having to remember all of your passwords, you will be less tempted by the dangerously poor idea of using the same password for all of your accounts. With a password manager, you can create strong passwords for all of your accounts and keep all of those passwords saved behind a stronger master password, leaving you to remember but a single password.

With PasswordBox, you can sign up for an account via its mobile app or the PasswordBox website on a computer. I chose the latter and downloaded PasswordBox from its website, which turned out to be a browser extension.

technology for early childhood students

Plan for today, Mon, Nov 17 class session:

Parent involvement in their children’s social emotional and academic development.

  1. Introduce myself, who I am, who do I work with. Why is it good to know IMS and consider working with IMS. How to contact us – 5 min
  2. Start with a video from the following IMS blog entry: https://blog.stcloudstate.edu/ims/2013/05/01/on-digital-literacy/ :
    http://youtu.be/d5kW4pI_VQw – 2 min. What is the video about, how do students think it relates to their class (parent involvement in their children’s social emotional and academic development) – about 5 min
  3. Group work assignment – what is digital literacy and why is it important to people of all ages:
    Students work in groups and outline a definition of digital literacy and a list of 5 reasons about the importance – 5 min
    Study and discuss the following infographic (5 min)
    https://blog.stcloudstate.edu/ims/2014/10/16/early-learners-tech-use/
    For and against children spending time with technology. Gaming, social media, and computer use in general as addiction. “Disconnect/Unplugged” (Sherry Turkle) versus contemplative computing and similar meditative and contemplative practices: https://blog.stcloudstate.edu/ims/2013/11/05/getting-unplugged/
  4. Discussion on how does digital literacy vary between age groups; how do people from different ages communicate. How do they work together and help each other when learning about digital literacy. Who is the best source for students to learn about digital literacy (hint – IMS ;)) – 10 min
    Suggested source for more information: The SlideShare presentation on the IMS blog entry: https://blog.stcloudstate.edu/ims/2013/05/01/on-digital-literacy/: http://www.slideshare.net/dajbelshaw/etmooc-t3-s1-digital-literacies-with-dr-doug-belshaw
  5. Discussion on digital identity, digital citizenship, privacy and security. – 10 min
    https://blog.stcloudstate.edu/ims/2013/10/03/digital-identity-and-digital-citizenship/
  6. Questions and suggestions regarding

1 2