This is why security keys, not SMS, is the proper second-factor authentication. (App authenticators are better than SMS but still prone to phishing). Some young one may well have walked into a store saying “hi, I’m Jack Dorsey” with a fake-crap ID and got away with his account. https://t.co/PR0VPT4y63
— zeynep tufekci (@zeynep) August 31, 2019
Posts Tagged ‘cybersecurity’
dear Hollywood, I demand you make a Gen Z Manchurian Candidate reboot where all the brainwashing programming/delusive fantasies take place on TikTok https://t.co/sgSekDuK6l
— Zhan Li 🇪🇺🇬🇧 (@thezhanly) July 21, 2019
The bottom line: While the Big Tech behemoths of the U.S. are barred from making inroads in China, the inverse doesn’t apply. That could mark an opening front in the ongoing technological and economic war between the two rivals.
more on cybersecurity in this IMS blog
Vodafone discovers hidden backdoors in Italy’s Huawei infrastructure
Vodafone found security flaws in Huawei equipment in 2011
CIA Offers Proof Huawei Has Been Funded By China’s Military And Intelligence
Zak Doffman Cybersecurity
the Times reported that such evidence exists, it has just not been openly published.
Joy Tan, Huawei’s chief global communicator, told methat “the assumption that the Chinese government can potentially interfere in Huawei’s business operation is completely not true. Huawei is a private company. The Chinese government does not have any ownership or any interference in our business operations.”
The CIA has now directly refuted this.
Tan insisted that “China does not have any law to force any company or business to install a back door. Premier Li Keqiang said that openly several weeks ago, the Chinese government would never do that, make any company spy.”
According to the Times source, “only the most senior U.K. officials are believed to have seen the intelligence, which the CIA awarded a strong but not cast-iron classification of certainty.” But the newspaper also reports a separate U.S. course as saying that there is a view within the U.S. intelligence community that “the Chinese ministry of state security — its principal security and espionage organization — had approved government funding for Huawei.”
Russia Is Considering An Experiment To Disconnect From The Internet
February 11, 20194:50 PM ET SASHA INGBER
Russia is considering a plan to temporarily disconnect from the Internet as a way to gauge how the country’s cyberdefenses would fare in the face of foreign aggression, according to Russian media.
It was introduced after the White House published its 2018 National Security Strategy, which attributed cyberattacks on the United States to Russia, China, Iran and North Korea.
Russia’s Communications Ministry also simulated a switching-off exercise of global Internet services in 2014, according to Russian outlet RT.
Russia’s State Duma will meet Tuesday to consider the bill, according to RIA Novosti.
Roskomnadzor has also exerted pressure on Google to remove certain sites on Russian searches.
Director of National Intelligence Dan Coats told Congress last month that Russia, as well as other foreign actors, will increasingly use cyber operations to “threaten both minds and machines in an expanding number of ways—to steal information, to influence our citizens, or to disrupt critical infrastructure.”
My note: In the past, the US actions prompted other countries to consider the same:
Germanty – http://blog.stcloudstate.edu/ims/2014/07/01/privacy-and-surveillance-obama-advisor-john-podesta-every-country-has-a-history-of-going-over-the-line/
more on cybersecurity in this IMS blog
more on surveillance in this IMS blog
Down the Security Rabbit Hole
The most secure and anonymous communication tools available
David Koff August 27 2018
These tools are used not only to lock down your security and anonymity on the known internet, but also to access the portions of the internet that are normally hidden — “The Dark Web.”
most of us don’t need the same high-privacy, high-security tools that confidential informants, journalists, and whistleblowers use, we should all know about these tools in case the time comes when we actually need them.
It’s also worth reminding everyone there’s no such thing as perfect digital security on the internet.
TAILS is an acronym for “The Amnesic Incognito Live System.”
TAILS is a highly-secure operating system (and a host of cool applications) designed to be booted off of a DVD or USB thumb drive. This not only makes TAILS easy to transport, but also ensures that TAILS can be booted and instantly useful from nearly any PC, Mac, or Chromebook. TAILS is built on Linux, a name you might recognize because it’s a popular, free, and open-source operating system that’s been available since 1991. TAILS, in particular, runs on a variant of Linux known as “Debian,” which became available in 1996.
Third and most importantly, when setup correctly, TAILS helps ensure that all of your communications — email, web browsing, chat, and more — are encrypted, made anonymous, and then routed in such a way that it’s extremely difficult to detect or trace them.
If you’re wondering just how powerful these tools really are, many of them are known by the NSA to be difficult or impossible to break. This includes:
- The TOR browser, for safe internet browsing
- KeePassX, a great application for generating and safekeeping of all of your various passwords
- Thunderbird, for emailing, secured by the Enigmail extension to encrypt and authenticate emails using a well-know and secure protocol called “OpenPGP”
- Pidgin Instant Messenger, for live chats, which are secured by the Off The Record (or OTR) encryption
- OnionShare, for safe sharing of files over the TOR network
- LibreOffice, for open-source versions of every standard office application you’ve come to know and love
TAILS even published a page of possible ways that its own security can be compromised.
Whonix (pronounced “HOOnix”) is an OS focused on anonymity, privacy, and security. Like TAILS, it is built on the open source Debian Linux OS and on TOR, the decentralized network which randomizes and segments your data transmissions.
Its unique approach to offering such well-regarded security is the creative use of two virtual machines (or VMs) running in tandem on one host computer. One of these VMs is known as the Gateway while the other is known as the Workstation.
Compared to TAILS, Whonix only provides a few free, open-source applications and those need to be set up fairly extensively. The list includes:
- The TOR browser, for safe web browsing
- Firefox, for less secure web browsing
- Icedove, for emailing, secured by the Enigmail extension to encrypt and authenticate emails using a well-know and secure protocol called “OpenPGP”
- HexChat, for internet chats
- VLC, to open and view every kind of video file that’s ever existed
After massive cyber attack, Germany’s security apparatus struggles to answer questions
Nicholas Waller JANUARY 9, 2019
Investigators traced the man through digital tracks he left on the internet, as well as by speaking to witnesses, including another unnamed 19-year-old man that the hacker had communicated with via an encrypted messaging service. The hacker, who used the pseudonyms “G0t” and “Orbit”, was arrested on January 6 after investigators searched his home.
“Bad passwords were one of the reasons he had it so easy,” Seehofer said. “I was shocked at how simple most passwords were: ‘ILoveYou’, ‘1,2,3’. A whole array of really simple things.”
The latest incident comes just over a month after German security officials detected a major cyber attack against the email accounts of German lawmakers, as well as the military, and several German embassies by a Russian hacker group with ties to Moscow’s military intelligence wing, the GRU.
That attack occurred less than a year after the BfV, Germany’s intelligence service, said the Russian government was behind a cyberattack on German computer networks that was discovered in December 2017 and was also linked to the same hacker group that carried out the November 2018 breach.
more on cybersecrurity in this IMS blog
Artificial Intelligence Can Unlock Fingerprint Scanners
This week in security fails: AI can create artificial fingerprints that unlock fingerprint scanners
Posted by NowThis Future on Friday, November 16, 2018
more on AI in this IMS blog
<h3 “>Sharpen the digital transformationstrategy for your business.
Enroll today in Digital Transformation: From AI and IoT to Cloud, Blockchain, and Cybersecurity
PROGRAM FEES $2,300 STARTS ON November 28, 20182 months, online
6-8 hours per week
A Digital Revolution Is Underway.
In a rapidly expanding digital marketplace, legacy companies without a clear digital transformation strategy are being left behind. How can we stay on top of rapid—and sometimes radical—change? How can we position our organizations to take advantage of new technologies? How can we track and combat the security threats facing all of us as we are swept forward into the future?
Who is this Program for?
- Professionals in traditional companies poised to implement strategic change, as well as entrepreneurs seeking to harness the opportunities afforded by new technologies, will learn the fundamentals of digital transformation and secure the necessary tools to navigate their enterprise to a digital platform.
- Participants come from a wide range of industries and include C-suite executives, business consultants, corporate attorneys, risk officers, marketing, R&D, and innovation enablers.
<h3 “>Your Learning Journey
This online program takes you through the fundamentals of digital technologies transforming our world today. Led by MIT faculty at the forefront of data science, participants will learn the history and application of transformative technologies such as blockchain, artificial intelligence, cloud computing, IoT, and cybersecurity as well as the implications of employing—or ignoring—digitalization.
The Promise (and Pitfalls) of AI for Education
Artificial intelligence could have a profound impact on learning, but it also raises key questions.
By Dennis Pierce, Alice Hathaway 08/29/18
Artificial intelligence (AI) and machine learning are no longer fantastical prospects seen only in science fiction. Products like Amazon Echo and Siri have brought AI into many homes,
Kelly Calhoun Williams, an education analyst for the technology research firm Gartner Inc., cautions there is a clear gap between the promise of AI and the reality of AI.
Artificial intelligence is a broad term used to describe any technology that emulates human intelligence, such as by understanding complex information, drawing its own conclusions and engaging in natural dialog with people.
Machine learning is a subset of AI in which the software can learn or adapt like a human can. Essentially, it analyzes huge amounts of data and looks for patterns in order to classify information or make predictions. The addition of a feedback loop allows the software to “learn” as it goes by modifying its approach based on whether the conclusions it draws are right or wrong.
AI can process far more information than a human can, and it can perform tasks much faster and with more accuracy. Some curriculum software developers have begun harnessing these capabilities to create programs that can adapt to each student’s unique circumstances.
For instance, a Seattle-based nonprofit company called Enlearn has developed an adaptive learning platform that uses machine learning technology to create highly individualized learning paths that can accelerate learning for every student. (My note: about learning and technology, Alfie Kohn in http://blog.stcloudstate.edu/ims/2018/09/11/educational-technology/)
GoGuardian, a Los Angeles company, uses machine learning technology to improve the accuracy of its cloud-based Internet filtering and monitoring software for Chromebooks. (My note: that smells Big Brother).Instead of blocking students’ access to questionable material based on a website’s address or domain name, GoGuardian’s software uses AI to analyze the actual content of a page in real time to determine whether it’s appropriate for students. (my note: privacy)
serious privacy concerns. It requires an increased focus not only on data quality and accuracy, but also on the responsible stewardship of this information. “School leaders need to get ready for AI from a policy standpoint,” Calhoun Williams said. For instance: What steps will administrators take to secure student data and ensure the privacy of this information?
more on AI in education in this IMS blog
1 2 3 Next