SIM jacker
categories: information technology, technology literacy
+++++++++
more on hackers in this IMS blog
https://blog.stcloudstate.edu/ims?s=hacker
Posts Tagged ‘cybersecurity’
second-factor authentication
categories: Digital literacy, information technology
This is why security keys, not SMS, is the proper second-factor authentication. (App authenticators are better than SMS but still prone to phishing). Some young one may well have walked into a store saying “hi, I’m Jack Dorsey” with a fake-crap ID and got away with his account. https://t.co/PR0VPT4y63
— zeynep tufekci (@zeynep) August 31, 2019
Tik Tok and cybersecurity
categories: Digital literacy, information technology
dear Hollywood, I demand you make a Gen Z Manchurian Candidate reboot where all the brainwashing programming/delusive fantasies take place on TikTok https://t.co/sgSekDuK6l
— Zhan Li 🇪🇺🇬🇧 (@thezhanly) July 21, 2019
The bottom line: While the Big Tech behemoths of the U.S. are barred from making inroads in China, the inverse doesn’t apply. That could mark an opening front in the ongoing technological and economic war between the two rivals.
++++++++
more on cybersecurity in this IMS blog
https://blog.stcloudstate.edu/ims?s=cybersecurity
https://blog.stcloudstate.edu/ims?s=tik+tok
https://blog.stcloudstate.edu/ims/2018/10/31/students-data-privacy/
Huawei backdoor
categories: Cybersecurity, information technology
https://www.bbc.com/news/business-48103430
Vodafone found security flaws in Huawei equipment in 2011
Huawei funded by Chinese Military
categories: Digital literacy, educational technology
CIA Offers Proof Huawei Has Been Funded By China’s Military And Intelligence
the Times reported that such evidence exists, it has just not been openly published.
Joy Tan, Huawei’s chief global communicator, told methat “the assumption that the Chinese government can potentially interfere in Huawei’s business operation is completely not true. Huawei is a private company. The Chinese government does not have any ownership or any interference in our business operations.”
The CIA has now directly refuted this.
Tan insisted that “China does not have any law to force any company or business to install a back door. Premier Li Keqiang said that openly several weeks ago, the Chinese government would never do that, make any company spy.”
According to the Times source, “only the most senior U.K. officials are believed to have seen the intelligence, which the CIA awarded a strong but not cast-iron classification of certainty.” But the newspaper also reports a separate U.S. course as saying that there is a view within the U.S. intelligence community that “the Chinese ministry of state security — its principal security and espionage organization — had approved government funding for Huawei.”
Russia disconnect Internet
Russia ‘successfully tests’ its unplugged internet
24 December 2019
https://www.bbc.com/news/technology-50902496
“Increasingly, authoritarian countries which want to control what citizens see are looking at what Iran and China have already done.
“It means people will not have access to dialogue about what is going on in their own country, they will be kept within their own bubble.”
In Iran, the National Information Network allows access to web services while policing all content on the network and limiting external information. It is run by the state-owned Telecommunication Company of Iran.
One of the benefits of effectively turning all internet access into a government-controlled walled garden, is that virtual private networks (VPNs), often used to circumvent blocks, would not work.
Another example of this is the so-called Great Firewall of China. It blocks access to many foreign internet services, which in turn has helped several domestic tech giants establish themselves.
Russia already tech champions of its own, such as Yandex and Mail.Ru, but other local firms might also benefit.
The country plans to create its own Wikipedia and politicians have passed a bill that bans the sale of smartphones that do not have Russian software pre-installed.
++++++++++++++++++++++++
Russia Is Considering An Experiment To Disconnect From The Internet
February 11, 20194:50 PM ET SASHA INGBER
Russia is considering a plan to temporarily disconnect from the Internet as a way to gauge how the country’s cyberdefenses would fare in the face of foreign aggression, according to Russian media.
It was introduced after the White House published its 2018 National Security Strategy, which attributed cyberattacks on the United States to Russia, China, Iran and North Korea.
Russia’s Communications Ministry also simulated a switching-off exercise of global Internet services in 2014, according to Russian outlet RT.
Russia’s State Duma will meet Tuesday to consider the bill, according to RIA Novosti.
Roskomnadzor has also exerted pressure on Google to remove certain sites on Russian searches.
Director of National Intelligence Dan Coats told Congress last month that Russia, as well as other foreign actors, will increasingly use cyber operations to “threaten both minds and machines in an expanding number of ways—to steal information, to influence our citizens, or to disrupt critical infrastructure.”
My note: In the past, the US actions prompted other countries to consider the same:
Germanty – https://blog.stcloudstate.edu/ims/2014/07/01/privacy-and-surveillance-obama-advisor-john-podesta-every-country-has-a-history-of-going-over-the-line/
++++++++++++
more on cybersecurity in this IMS blog
https://blog.stcloudstate.edu/ims?s=cybersecurity
more on surveillance in this IMS blog
https://blog.stcloudstate.edu/ims?s=surveillance
secure and anonymous communication tools
categories: digital citizenship, information technology
Down the Security Rabbit Hole
The most secure and anonymous communication tools available
David Koff August 27 2018
https://medium.com/s/the-firewall/down-the-security-rabbit-hole-31327f47743d
These tools are used not only to lock down your security and anonymity on the known internet, but also to access the portions of the internet that are normally hidden — “The Dark Web.”
most of us don’t need the same high-privacy, high-security tools that confidential informants, journalists, and whistleblowers use, we should all know about these tools in case the time comes when we actually need them.
It’s also worth reminding everyone there’s no such thing as perfect digital security on the internet.
TAILS is an acronym for “The Amnesic Incognito Live System.”
TAILS is a highly-secure operating system (and a host of cool applications) designed to be booted off of a DVD or USB thumb drive. This not only makes TAILS easy to transport, but also ensures that TAILS can be booted and instantly useful from nearly any PC, Mac, or Chromebook. TAILS is built on Linux, a name you might recognize because it’s a popular, free, and open-source operating system that’s been available since 1991. TAILS, in particular, runs on a variant of Linux known as “Debian,” which became available in 1996.
Third and most importantly, when setup correctly, TAILS helps ensure that all of your communications — email, web browsing, chat, and more — are encrypted, made anonymous, and then routed in such a way that it’s extremely difficult to detect or trace them.
If you’re wondering just how powerful these tools really are, many of them are known by the NSA to be difficult or impossible to break. This includes:
- The TOR browser, for safe internet browsing
- KeePassX, a great application for generating and safekeeping of all of your various passwords
- Thunderbird, for emailing, secured by the Enigmail extension to encrypt and authenticate emails using a well-know and secure protocol called “OpenPGP”
- Pidgin Instant Messenger, for live chats, which are secured by the Off The Record (or OTR) encryption
- OnionShare, for safe sharing of files over the TOR network
- LibreOffice, for open-source versions of every standard office application you’ve come to know and love
TAILS even published a page of possible ways that its own security can be compromised.
Whonix (pronounced “HOOnix”) is an OS focused on anonymity, privacy, and security. Like TAILS, it is built on the open source Debian Linux OS and on TOR, the decentralized network which randomizes and segments your data transmissions.
Its unique approach to offering such well-regarded security is the creative use of two virtual machines (or VMs) running in tandem on one host computer. One of these VMs is known as the Gateway while the other is known as the Workstation.
Compared to TAILS, Whonix only provides a few free, open-source applications and those need to be set up fairly extensively. The list includes:
- The TOR browser, for safe web browsing
- Firefox, for less secure web browsing
- Icedove, for emailing, secured by the Enigmail extension to encrypt and authenticate emails using a well-know and secure protocol called “OpenPGP”
- HexChat, for internet chats
- VLC, to open and view every kind of video file that’s ever existed
Germany under cyberattack
categories: announcement
After massive cyber attack, Germany’s security apparatus struggles to answer questions
Nicholas Waller JANUARY 9, 2019
Investigators traced the man through digital tracks he left on the internet, as well as by speaking to witnesses, including another unnamed 19-year-old man that the hacker had communicated with via an encrypted messaging service. The hacker, who used the pseudonyms “G0t” and “Orbit”, was arrested on January 6 after investigators searched his home.
“Bad passwords were one of the reasons he had it so easy,” Seehofer said. “I was shocked at how simple most passwords were: ‘ILoveYou’, ‘1,2,3’. A whole array of really simple things.”
The latest incident comes just over a month after German security officials detected a major cyber attack against the email accounts of German lawmakers, as well as the military, and several German embassies by a Russian hacker group with ties to Moscow’s military intelligence wing, the GRU.
That attack occurred less than a year after the BfV, Germany’s intelligence service, said the Russian government was behind a cyberattack on German computer networks that was discovered in December 2017 and was also linked to the same hacker group that carried out the November 2018 breach.
+++++++++
more on cybersecrurity in this IMS blog
https://blog.stcloudstate.edu/ims?s=cybersecurity
AI fool fingerprints scanners
categories: cheating, information technology
Artificial Intelligence Can Unlock Fingerprint Scanners
++++++++++++++++
more on AI in this IMS blog
https://blog.stcloudstate.edu/ims?s=artificial+intelligence
digital transformation online professional education
categories: announcement
<h3 “>Sharpen the digital transformation strategy for your business.
Enroll today in Digital Transformation: From AI and IoT to Cloud, Blockchain, and Cybersecurity
https://professionalonline1.mit.edu/digital-transformation/index.php
PROGRAM FEES $2,300 STARTS ON November 28, 20182 months, online
6-8 hours per week
A Digital Revolution Is Underway.
In a rapidly expanding digital marketplace, legacy companies without a clear digital transformation strategy are being left behind. How can we stay on top of rapid—and sometimes radical—change? How can we position our organizations to take advantage of new technologies? How can we track and combat the security threats facing all of us as we are swept forward into the future?
Who is this Program for?
- Professionals in traditional companies poised to implement strategic change, as well as entrepreneurs seeking to harness the opportunities afforded by new technologies, will learn the fundamentals of digital transformation and secure the necessary tools to navigate their enterprise to a digital platform.
- Participants come from a wide range of industries and include C-suite executives, business consultants, corporate attorneys, risk officers, marketing, R&D, and innovation enablers.
<h3 “>Your Learning Journey
This online program takes you through the fundamentals of digital technologies transforming our world today. Led by MIT faculty at the forefront of data science, participants will learn the history and application of transformative technologies such as blockchain, artificial intelligence, cloud computing, IoT, and cybersecurity as well as the implications of employing—or ignoring—digitalization.
Brochure_MIT_PE_DigitalTransformation_17_Oct_18_V20-1w4qpjv
<