Security trends 2017

Year 2017 will not bring a turn towards better data security. The internet is rife with threats, the well-known ones as much as the unknown. Company systems are supposed to be protected, yet hackers are going to keep looking for new ways to extort and steal information from businesses and organizations, which unfortunately means those businesses and organizations will have to keep looking for new ways to protect themselves.

Critical infrastructure comes under attack in 2017. Critical infrastructures must be better protected from criminals and terrorists who take advantage of the modern technologies that are essential for the functioning of society and the economy. The IT security of industrial control systems (ICS), energy grids and IoT networks needs to be improved in 2017.

There is a push for better web security in 2017. Beginning in January 2017 with Chrome 56, Google’s Chrome labels as “Not secure” every page served over plain HTTP that transmits passwords or asks for credit card details, as the first step of a long-term plan to mark all HTTP sites as non-secure.
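The script below applies the Chrome 56 rule to a page before Chrome does: it flags an http:// page that carries a password field or a credit-card field. It is an added example, not code from the page or from Google; the sample pages are constructed, and treating any input with an autocomplete value starting with cc- as a credit-card field is a simplification of Chrome’s autofill-based detection.

```python
"""Pre-check for Chrome 56's "Not secure" label: an http:// page that
collects a password or a credit-card number.  Added example, standard
library only.  The cc-* autocomplete test is a simplification of Chrome's
autofill heuristics."""
from html.parser import HTMLParser
from urllib.parse import urlparse


class _SensitiveInputScanner(HTMLParser):
    """Counts password inputs and credit-card inputs in a page."""

    def __init__(self):
        super().__init__()
        self.password_fields = 0
        self.card_fields = 0

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = {name: (value or "").lower() for name, value in attrs}
        if a.get("type") == "password":
            self.password_fields += 1
        elif a.get("autocomplete", "").startswith("cc-"):   # cc-number, cc-exp, ...
            self.card_fields += 1


def chrome56_verdict(page_url, html):
    """Return (flagged, reason).  A page is flagged when it is served over
    plain http:// AND contains a password or credit-card field; the form's
    action URL is irrelevant because the page itself is the tamperable part."""
    scanner = _SensitiveInputScanner()
    scanner.feed(html)
    reasons = []
    if scanner.password_fields:
        reasons.append(f"{scanner.password_fields} password field(s)")
    if scanner.card_fields:
        reasons.append(f"{scanner.card_fields} credit-card field(s)")
    if urlparse(page_url).scheme.lower() == "http" and reasons:
        return True, "http:// page collects " + " and ".join(reasons)
    return False, "ok" if reasons else "no sensitive fields"


# Constructed sample pages (not real sites).
LOGIN_OVER_HTTP = (
    "http://shop.example/login",
    '<form action="https://shop.example/auth" method="post">'
    '<input name="user"><input type="password" name="pw"></form>',
)
CHECKOUT_OVER_HTTPS = (
    "https://shop.example/checkout",
    '<input autocomplete="cc-number" name="card"><input autocomplete="cc-exp">',
)
BLOG_OVER_HTTP = ("http://blog.example/post/1", "<p>No forms here.</p>")

if __name__ == "__main__":
    for url, html in (LOGIN_OVER_HTTP, CHECKOUT_OVER_HTTPS, BLOG_OVER_HTTP):
        flagged, reason = chrome56_verdict(url, html)
        print("NOT SECURE" if flagged else "ok        ", url, "-", reason)
```

Note that the form’s action does not matter: a login form on an http:// page that posts to https:// is still flagged, because the page itself can be altered in transit before the user types anything. The fix is to serve the page over HTTPS, not to change the form target.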

SHA-1 is insecure. By the start of 2017 most CAs have migrated to SHA-2 certificates, and the major browser makers, Microsoft, Google and Mozilla, have announced that in early 2017 their browsers will stop trusting sites that still use SHA-1 certificates and will mark them as insecure. Even so, about a third of websites were still using SHA-1 certificates as the deadline loomed. SHA-1 will hang around, like a fart in a spacesuit, for many years to come, because some people are lazy enough not to make the change.
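Finding out which algorithm signed a certificate does not need a full X.509 parser: the outer layout of every DER certificate is SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }, so a short ASN.1 walk reaches the algorithm OID. The script below is an added example using only Python’s standard library (it is not the page’s or any browser vendor’s code); the two certificates in it are constructed skeletons with that outer layout and dummy contents, and fetch_leaf_der() is the only part that touches the network.

```python
"""Read the outer signatureAlgorithm OID of a DER certificate with a minimal
ASN.1 walk and report whether it is a SHA-1 signature.  Added example; the
sample certificates are constructed skeletons (real outer layout, dummy body)."""
import ssl

SHA1_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
    "1.2.840.10040.4.3": "dsa-with-sha1",
}


def _read_tlv(buf, pos):
    """Decode one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(raw):
    """OID content bytes -> dotted form, e.g. 1.2.840.113549.1.1.5."""
    arcs = [raw[0] // 40, raw[0] % 40]
    value = 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                    # a clear high bit ends the arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def signature_algorithm_oid(der):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }."""
    tag, cert, _ = _read_tlv(der, 0)
    assert tag == 0x30, "not a DER SEQUENCE"
    _, _tbs, pos = _read_tlv(cert, 0)          # skip tbsCertificate
    tag, alg_id, _ = _read_tlv(cert, pos)      # AlgorithmIdentifier
    assert tag == 0x30
    tag, oid, _ = _read_tlv(alg_id, 0)         # its first element is the OID
    assert tag == 0x06
    return _decode_oid(oid)


def is_sha1_signed(der):
    return signature_algorithm_oid(der) in SHA1_SIGNATURE_OIDS


def fetch_leaf_der(host, port=443):
    """Fetch a server's leaf certificate as DER (network access required)."""
    return ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))


# --- constructed sample certificates: real outer layout, dummy contents ----
def _der(tag, content):
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def _skeleton_cert(sig_oid_hex):
    tbs = _der(0x30, _der(0x02, b"\x01"))                                   # dummy serial only
    alg = _der(0x30, _der(0x06, bytes.fromhex(sig_oid_hex)) + _der(0x05, b""))
    sig = _der(0x03, b"\x00" + b"\xAB" * 4)                                  # dummy BIT STRING
    return _der(0x30, tbs + alg + sig)


SHA1_CERT = _skeleton_cert("2a864886f70d010105")     # sha1WithRSAEncryption
SHA256_CERT = _skeleton_cert("2a864886f70d01010b")   # sha256WithRSAEncryption

if __name__ == "__main__":
    for name, cert in (("sha1 skeleton", SHA1_CERT), ("sha256 skeleton", SHA256_CERT)):
        oid = signature_algorithm_oid(cert)
        print(name, oid, "SHA-1, replace it" if is_sha1_signed(cert) else "ok")
```

Check the leaf and every intermediate, not only the leaf: browsers also reject a SHA-1-signed intermediate, but they do not validate the self-signature on a trusted root, so a SHA-1 root by itself is not what gets a site marked insecure. ssl.get_server_certificate() returns only the leaf, so the intermediates have to be taken from the handshake chain or the bundle the server sends.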

There will be changes in how businesses view security in 2017. Cloud adoption will likely continue to grow across the United States, network visibility will no longer be optional, AI and machine learning will shake up old security models, and IoT-powered attacks will continue to rise. All of this will factor into how businesses set up, monitor and secure their networks.

The commoditization of cyberattacks will make them more frequent in 2017. More and more companies suffer business disruption from cyber attacks. These attacks cause companies significant financial losses, yet studies show that companies are not prepared for them: according to Gartner, by 2018 only 40 per cent of large companies will have formal plans for handling business-disrupting cyber attacks, up from zero in 2015.

Strap yourself in for a bumpy ride in 2017. 2016 sucked, and 2017 won’t be much better, sorry. DDoS attacks have been around since at least 2000, and they’re not going away; as the number of devices online grows, the volume and velocity of these attacks are increasing too. DDoS attack toolkits have been around for years, as have services that let you pay for an attack, and expect to see more of them. 2017 promises to be the most dramatic year yet in DDoS conflict: whale-sized attacks will increase, the IoT will become a bigger factor, and DDoS will overshadow ransomware as the tool of choice for extortion. Expect the Internet of Things (IoT) and other connected devices to play an important part in these attacks.

Biometric identification will become more common in 2017, but it will not replace passwords. Fingerprint identification has become increasingly common in smartphones, and the technology is already fast and reliable. This year biometric identification devices were sold for 4.5 billion dollars (most of them going into smartphones and laptops): 91 per cent of biometric sales were fingerprint sensors, four per cent face recognition and three per cent iris recognition.

Biometrics won’t kill passwords any time soon. Even though PIN codes and passwords are pretty lousy protection against a skilled cybercriminal, the password will never disappear entirely: about two per cent of the world’s population have fingerprints unsuitable for biometric identification, and a biometric, unlike a password, cannot be changed once it has leaked. Other biometric systems have similar limitations and/or are not yet commonly available at reasonable cost. While biometrics, including fingerprint, face, iris, palm and speech recognition, will continue to grow as a more secure substitute for passwords, they will not render passwords obsolete. Until the other biometrics become commonplace, passwords are here to stay, until circa 2030 at least.

The fight over encryption and backdoors is not over in 2017. Many public figures in law enforcement have consistently argued that device encryption presents a new threat to police powers of investigation. On the other side, the House Judiciary Committee’s Encryption Working Group report says encryption backdoors pose a security threat, siding with tech experts. The problem is that any mechanism that lets police into an encrypted system (be it a phone, a computer or a communications channel) could also be exploited by criminals. Any action in this space should weigh the short-term benefits against the long-term impacts. Many industry experts will rightly tell you there is no such thing as partial data encryption: either the system is fully capable or it is not.

Given the security events of 2016, coupled with the rapid advancement and adoption of cloud computing, 2017 will be the year in which many finally accept that network infrastructure and security have to be rethought from the ground up. In 2017 the cloud will also become a risk for its users, with extortion and IoT-based attacks finding openings in cloud services.

The race between network attacks and network defences is accelerating. Crippling Internet services with denial-of-service attacks is becoming more common throughout the world, and as IoT-powered attacks continue to rise, stopping them is not easy. For most companies the key thing is that the attack traffic is stopped before it reaches the company’s Internet connection or servers, which means relying more on the telecom operator and on external scrubbing services. In addition to disrupting services, denial-of-service attacks are often used as a distraction during the actual data theft. DDoS may take over from ransomware as the main cause for concern.
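As an added example (not from the page or the articles it summarizes), the script below runs the two checks the DDoS paragraphs above suggest over flow records: it finds the seconds in which one host is hit by many sources at once, and then looks for large outbound transfers that coincide with those seconds, the “flood as a distraction for the actual data theft” pattern. The flow records are constructed (TEST-NET addresses) and the thresholds are assumptions to be tuned to a real network’s baseline.

```python
"""Flood detection plus the "distraction" check over flow records.
Added example; the records are constructed and the thresholds are
assumptions, to be tuned against the network's own baseline."""
from collections import defaultdict


def build_sample_flows():
    """(second, src, dst, direction, packets, bytes); 198.51.100.0/24 is 'our' network."""
    flows = []
    for sec in range(10):                                    # normal background traffic
        flows.append((sec, "203.0.113.7", "198.51.100.10", "in", 40, 6_000))
        flows.append((sec, "198.51.100.10", "203.0.113.7", "out", 35, 9_000))
    flows.append((2, "198.51.100.5", "203.0.113.50", "out", 400, 500_000))      # routine sync
    for sec in range(5, 9):                                  # 60 hosts flood the web server
        for i in range(1, 61):
            flows.append((sec, f"192.0.2.{i}", "198.51.100.10", "in", 150, 9_000))
    flows.append((7, "198.51.100.5", "203.0.113.99", "out", 30_000, 40_000_000))  # exfil under cover
    return flows


FLOWS = build_sample_flows()


def flood_windows(flows, pkt_threshold=5_000, min_sources=20):
    """Seconds in which one destination receives more than pkt_threshold
    inbound packets from at least min_sources distinct sources.
    Returns [(second, dst, packets, distinct_sources), ...]."""
    pkts = defaultdict(int)
    sources = defaultdict(set)
    for sec, src, dst, direction, n_pkts, _ in flows:
        if direction == "in":
            pkts[(sec, dst)] += n_pkts
            sources[(sec, dst)].add(src)
    hits = []
    for (sec, dst), n in sorted(pkts.items()):
        if n > pkt_threshold and len(sources[(sec, dst)]) >= min_sources:
            hits.append((sec, dst, n, len(sources[(sec, dst)])))
    return hits


def outbound_during_flood(flows, windows, byte_threshold=10_000_000):
    """Large outbound transfers that coincide with a flood window.  The flood
    saturates the inbound link and everyone's attention; egress is still ours
    to watch, so these are the records to look at first."""
    flood_seconds = {sec for sec, *_ in windows}
    return sorted(
        (sec, src, dst, n_bytes)
        for sec, src, dst, direction, _, n_bytes in flows
        if direction == "out" and sec in flood_seconds and n_bytes >= byte_threshold
    )


if __name__ == "__main__":
    windows = flood_windows(FLOWS)
    for sec, dst, n, srcs in windows:
        print(f"t={sec}s flood on {dst}: {n} pkts from {srcs} sources")
    for sec, src, dst, n_bytes in outbound_during_flood(FLOWS, windows):
        print(f"t={sec}s {src} -> {dst}: {n_bytes} bytes out during the flood")
```

The first check mostly tells you when to call the operator or the scrubbing service, because once the link is saturated nothing on your side of it can drop the traffic; the second is the one to act on locally, since the flood does not hide what leaves through your own egress logs.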

In 2017 IT and security professionals will talk more about business risks. Historically firewalls, DLP, antivirus, SIEM and other technical point solutions have been the centerpiece of security conversations, but the mindset is slowly shifting from technology to risk. The goal of stopping all attacks and preventing all business impact has been recognized as a fool’s errand, and the focus has shifted to measuring risk and minimizing business impact. Cyber security is increasingly viewed as a risk management problem.

In 2017 ‘security’ must be added to our existing ethical and philosophical concerns over artificial intelligence and algorithms. Algorithms will soon run the world. They present problems that are seriously questioned on both ethical and philosophical grounds, and they have become the basis of fictional Armageddons.

Cyber insurance will be considered more often as one solution for handling cyber risks in 2017. The global cyber insurance market is expected to generate $14 billion by 2022, according to a new report published by Allied Market Research (AMR). That figure represents an impressive compound annual growth rate (CAGR) of nearly 28% from 2016 to 2022.

In 2017 Big Brother will be watching you 24/7. Those of you who have read George Orwell’s 1984 or seen the movie will remember how the citizens of the fictitious totalitarian state of Oceania are constantly under surveillance by order of its dictator, Big Brother. Now swap the telescreen for your home desktop, laptop or smartphone: not only are you sitting in front of a modern-day version of the Big Brother telescreen, you are also carrying one around in your pocket or handbag. Sound a bit far-fetched? It is set to become reality in many countries.

Users will want better security, or at least to feel more secure, in 2017. Many people are prepared to go to extremes for better security: according to a recent Harris Poll survey of over 2,000 adults, nearly 40% of Americans would give up sex for a year, or their favourite food, in exchange for better online security, meaning they would never have to worry about being hacked. When you consider that 87 per cent of U.S. adults use the internet, it makes sense that cyber security is one of the biggest concerns today. The single biggest thing people can do to keep their online identity safe is probably the easiest: use a solid password and do not give it to other people. Still, nearly 50% of people have shared a password to an e-mail account or to an account like Netflix.

Security becomes a multi-system issue, and more people are talking about it. Design teams will have to bake security strategies in from the start, no matter how insignificant the device. The real challenge is packing enough security features into designs to prevent security breaches of every sort, including those that come from other electronics that were not even considered part of the design. Just as devices get more sophisticated, so do hackers, and the reality is that security breaches can even cause physical harm. It is time to look at this on a multi-system, multi-disciplinary level; otherwise we could literally be playing with fire.

Blockchains have been a big trend for several years. The blockchain market is divided as 2017 starts. During autumn 2016 we saw a number of cooperation initiatives between the financial sector and consulting companies. Microsoft has chosen the Ethereum blockchain as its platform and offers it in the Azure cloud service. IBM has jumped on the Hyperledger consortium bandwagon and offers its own blockchains in the Bluemix service. Google and Amazon still shine by their absence. Even banks may prefer to see blockchains run in the cloud.

Other prediction articles worth a look:

What Lies Ahead for Cybersecurity in 2017?

Network Infrastructure, Visibility and Security in 2017

DDoS in 2017: Strap yourself in for a bumpy ride

Cybersecurity Industry Outlook: 2017 to 2021 | CSO Online

IBM’s Cybersecurity Predictions for 2017 – eForensics

https://eforensicsmag.com/ibms-cybersecurity-predictions-2017/

Top 5 Cybersecurity Threats to Watch Out for in 2017

Experts Hopeful as Confidence in Risk Assessment Falls

3,151 Comments

  1. Tomi Engdahl says:

    U.S. blames North Korea for hacking spree, says more attacks likely
    http://www.reuters.com/article/us-northkorea-cyber-usa-idUSKBN1942MK

    The U.S. government on Tuesday issued a rare alert squarely blaming the North Korean government for a raft of cyber attacks stretching back to 2009 and warning that more were likely.

    The joint warning from the U.S. Department of Homeland Security and the Federal Bureau of Investigation said that “cyber actors of the North Korean government,” referred to in the report as “Hidden Cobra,” had targeted the media, aerospace and financial sectors, as well as critical infrastructure, in the United States and globally.

    The new level of detail about the U.S. government’s analysis of suspected North Korean hacking activity coincides with increasing tensions between Washington and Pyongyang because of North Korea’s missile tests. The alert warned that North Korea would continue to rely on cyber operations to advance its military and strategic objectives.

    North Korea has routinely denied involvement in cyber attacks against other countries.

  2. Tomi Engdahl says:

    Germany Plans to Fingerprint Children and Spy on Personal Messages
    http://fortune.com/2017/06/14/germany-fingerprint-children-spy-messages/

    Germany is planning a new law giving authorities the right to look at private messages and fingerprint children as young as 6, the interior minister said on Wednesday after the last government gathering before a national election in September.

    Ministers from central government and federal states said encrypted messaging services, such as WhatsApp and Signal, allow militants and criminals to evade traditional surveillance.

    “We can’t allow there to be areas that are practically outside the law,” interior minister Thomas de Maiziere told reporters in the eastern town of Dresden.

    Militant attacks in France, Britain and Germany have prompted European governments to tighten up on surveillance of suspected militants. Britain has proposed forcing messaging services to let authorities access encrypted communications.

  3. Tomi Engdahl says:

    Samsung Left Millions Vulnerable to Hackers Because It Forgot to Renew a Domain, Researchers Say
    https://motherboard.vice.com/en_us/article/samsung-left-millions-vulnerable-to-hackers-because-it-forgot-to-renew-a-domain

    Samsung, the most popular smartphone maker in the world, left millions of customers vulnerable to hackers after it let expire a domain that was used to control a stock app installed on older devices, security researchers say.

    If you own an older Samsung smartphone, chances are you have a stock app designed to recommend other popular apps named S Suggest installed on it. The company says it discontinued S Suggest in 2014, and it recently let one of the domains used to control the app—ssuggest.com—expire, according to a security researcher who took over the domain.

    By letting the domain expire, Samsung effectively gave anyone willing to register it a foothold inside millions of smartphones, and the power to push malicious apps on them, according to João Gouveia, the chief technology officer at Anubis Labs. Gouveia says he took over the domain Monday.

  4. Tomi Engdahl says:

    US Internet Company Refused To Participate In NSA Surveillance, Documents Reveal
    https://yro.slashdot.org/story/17/06/15/005254/us-internet-company-refused-to-participate-in-nsa-surveillance-documents-reveal

    A U.S. company refused to comply with a top-secret order that compelled it to facilitate government surveillance, according to newly declassified documents. According to the document, the unnamed company’s refusal to participate in the surveillance program was tied to an apparent expansion of the foreign surveillance law, details of which were redacted by the government prior to its release, as it likely remains classified. It’s thought to be only the second instance of an American company refusing to comply with a government surveillance order.

    US internet company refused to participate in NSA surveillance, documents reveal
    http://www.zdnet.com/article/new-details-releasedsection-702-disclosures-intelligence-lawsuit/

    The company, which wasn’t named, quietly pushed back in the government’s secret court against the National Security Agency’s surveillance program, but ultimately failed.

  5. Tomi Engdahl says:

    Eagle Eye Networks buys Panasonic’s cloud video surveillance service and Nubo security camera
    http://www.zdnet.com/article/eagle-eye-networks-buys-panasonics-cloud-video-surveillance-service-and-nubo-security-camera/

    Cloud-based video management specialist Eagle Eye Networks expands its global reach by acquiring Panasonic’s video surveillance solution.

    Founded in 2012 by serial entrepreneur Dean Drako (whose track record includes Barracuda Networks), Eagle Eye Networks specialises in cloud-based video management for security and operations teams in businesses. Its flagship product is Eagle Eye Cloud Security Camera VMS (Video Management System), which works with a broad range of analogue and IP video cameras, providing secure encrypted access to cloud storage via an onsite bridge appliance, with on-premise video storage also available.
    [Photo: Dean Drako, founder and CEO of Eagle Eye Networks.]

    “We’ve had incredibly good success in the US market, and incredibly good success in Asian markets — Japan, Singapore, Australia, Hong Kong, Taiwan — but we have not put a whole lot of effort into the European market,” Drako told ZDNet.

    That’s the background to Eagle Eye’s acquisition, for an unspecified sum, of Amsterdam-based Panasonic Cloud Management Services BV, whose key assets are Cameramanager, a cloud-based video surveillance solution, and Panasonic Nubo, a wireless (wi-fi and 4G LTE) security camera.

    Unlike Eagle Eye’s VMS, Panasonic’s Cameramanager (which will be renamed Eagle Eye CameraManager post-acquisition) is designed to handle modest numbers of cameras — no more than three per site. That’s because the cameras talk directly to the cloud via a software agent, rather than going through an onsite bridge appliance.

    “That works great for one, two, three cameras per location,” said Drako, “but if you get to more cameras, the cameras start to fight each other getting up to the cloud, and you don’t really want to try and manage them all individually.”

  6. Tomi Engdahl says:

    How to use Linux’s built-in USB attack protection
    Worried over malicious USB sticks? Linux has you covered with USBGuard.
    http://www.zdnet.com/article/how-to-use-linuxs-built-in-usb-attack-protection/

    There are USB sticks that will destroy your computer, USB sticks loaded with spyware, and even official enterprise USB sticks infected with malware. Last, but never least, when it comes to stealing data from a computer, you can’t beat a USB stick. There are devices like the USG USB stick firewall, which can protect you, or if you’re a Linux user, you can always stop attackers armed with USB sticks with USBGuard.

    In the real world, Linux-based USB distributions such as live-boot Tails make this easy. USBGuard can stop any such attack.

    USBGuard, as current stable Linux kernel maintainer Greg Kroah-Hartman recently pointed out, has been around for over a decade. For some reason, this user-space tool, which provides access control to USB devices, is not well known. It should be. It’s a great addition to anyone needing to protect a Linux desktop or server.

    This software framework is designed expressly to protect your computer against rogue USB devices by implementing basic whitelisting and blacklisting capabilities based on device attributes. It enables you to lock down all USB devices from user space.

    USBGuard is not installed by default, to the best of my knowledge, on any major Linux distribution. But you can install USBGuard on any Linux using the source code. It’s also available packaged up for easy deployment for Red Hat Linux family distributions in the Extra Packages for Enterprise Linux (EPEL) repository and in the Ubuntu universe repositories since the release of Ubuntu 16.10.

    Once in place, you control USBGuard by the settings in its usbguard-daemon.conf file: The USBGuard daemon configuration file. When set up, the USBGuard daemon scans each USB device or hub as it’s inserted into the system. The daemon then scans the existing rules sequentially, and when a matching rule is found, it either authorizes (allows), de-authorizes (blocks), or removes (rejects) the device.

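The rule evaluation the comment above describes (a sequential scan in which the first matching rule decides allow, block or reject, with the implicit policy applying otherwise) can be seen in a small model. The script below is an added example and not usbguard’s code: it parses a subset of the usbguard rule language (id with a * wildcard; with-interface with the equals, one-of, all-of and none-of set operators; a bare interface type treated here as equals) and evaluates constructed device descriptors against a constructed policy. The vendor, product and interface class codes in the sample are standard USB values, but the devices and the policy are made up for illustration.

```python
"""Model of usbguard's first-match rule evaluation over a subset of its rule
language.  Added example, not usbguard's code.  Subset: target, 'id VVVV:PPPP'
(PPPP may be '*'), 'with-interface [equals|one-of|all-of|none-of] { CC:SS:PP ... }',
and a bare 'with-interface CC:SS:PP', treated here as equals."""

SET_OPERATORS = ("equals", "one-of", "all-of", "none-of")


def parse_rule(text):
    """Return (target, conditions) for one rule line."""
    tokens = text.replace("{", " { ").replace("}", " } ").split()
    target, conds, i = tokens[0], {}, 1
    if target not in ("allow", "block", "reject"):
        raise ValueError(f"unknown target {target!r}")
    while i < len(tokens):
        key = tokens[i]
        if key == "id":
            conds["id"] = tokens[i + 1]
            i += 2
        elif key == "with-interface":
            i += 1
            op = "equals"
            if tokens[i] in SET_OPERATORS:
                op, i = tokens[i], i + 1
            if tokens[i] == "{":
                end = tokens.index("}", i)
                types, i = tokens[i + 1:end], end + 1
            else:
                types, i = [tokens[i]], i + 1
            conds["with-interface"] = (op, frozenset(types))
        else:
            raise ValueError(f"keyword {key!r} is not in this subset")
    return target, conds


def _id_matches(pattern, device_id):
    pv, pp = pattern.split(":")
    dv, dp = device_id.split(":")
    return pv in ("*", dv) and pp in ("*", dp)


def _iface_matches(op, types, present):
    return {
        "equals": types == present,
        "one-of": bool(types & present),
        "all-of": types <= present,
        "none-of": not (types & present),
    }[op]


def evaluate(rules, device, implicit_target="block"):
    """The first rule whose every condition matches decides; else the implicit policy."""
    for target, conds in rules:
        if "id" in conds and not _id_matches(conds["id"], device["id"]):
            continue
        if "with-interface" in conds:
            op, types = conds["with-interface"]
            if not _iface_matches(op, types, device["interfaces"]):
                continue
        return target
    return implicit_target


# Constructed policy: order matters, see the reordered run in main().
POLICY = [
    "allow id 1d6b:* with-interface equals { 09:00:00 }",              # Linux root hubs
    "allow id 046d:c31c with-interface all-of { 03:01:01 03:00:00 }",  # the keyboard we own
    "block with-interface one-of { 03:00:01 03:01:01 }",               # any other keyboard-like interface
    "allow with-interface equals { 08:06:50 }",                        # plain mass storage only
]
RULES = [parse_rule(r) for r in POLICY]

# Constructed device descriptors (class codes are the standard USB ones).
ROOT_HUB = {"id": "1d6b:0002", "interfaces": frozenset({"09:00:00"})}
KNOWN_KEYBOARD = {"id": "046d:c31c", "interfaces": frozenset({"03:01:01", "03:00:00"})}
PLAIN_STICK = {"id": "0781:5567", "interfaces": frozenset({"08:06:50"})}
BADUSB_STICK = {"id": "0781:5567", "interfaces": frozenset({"08:06:50", "03:01:01"})}  # storage + hidden keyboard
UNKNOWN_KEYBOARD = {"id": "413c:2113", "interfaces": frozenset({"03:01:01"})}
WEBCAM = {"id": "046d:0825", "interfaces": frozenset({"0e:01:00", "0e:02:00"})}

if __name__ == "__main__":
    devices = [("ROOT_HUB", ROOT_HUB), ("KNOWN_KEYBOARD", KNOWN_KEYBOARD), ("PLAIN_STICK", PLAIN_STICK),
               ("BADUSB_STICK", BADUSB_STICK), ("UNKNOWN_KEYBOARD", UNKNOWN_KEYBOARD), ("WEBCAM", WEBCAM)]
    for name, dev in devices:
        print(f"{name:17s} -> {evaluate(RULES, dev)}")
    reordered = [RULES[0], RULES[2], RULES[1], RULES[3]]   # block-keyboards rule before our allow
    print("KNOWN_KEYBOARD with the block rule first ->", evaluate(reordered, KNOWN_KEYBOARD))
```

The ordering point is the one to take away: the block on anything that presents a keyboard interface has to come after the allow for the keyboard you actually own, and a stick that presents storage plus a hidden keyboard interface is blocked even though plain storage is allowed. Check the exact semantics in the usbguard-rules(5) man page before deploying a rule set; usbguard generate-policy gives you a starting point built from the devices already attached.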
  7. Tomi Engdahl says:

    F-Secure Security Wifi for sale

    Elisa is the first operator to put the F-Secure Sense router on sale, protecting smart home devices from the digital TV box to the latest IoT devices. The router includes an application that protects smartphones and computers even when they are outside the home network.

    The new device developed by F-Secure is a WiFi router that, with its security application and cloud-based protection, promises to secure all smart home devices.

    “The Internet of Things comes into the home device by device. Wireless network connections can already be found in home entertainment devices (such as smart TVs and game consoles), web cameras, and home appliances like heating systems,” says Elisa’s business director Matias Castrén.

    The service included in the price of the Sense device is valid for 12 months and can be used with an unlimited number of smartphones and telephones in the home and 25 computers. After that the price is 9.90 euros per month.

    Source: http://www.uusiteknologia.fi/2017/06/15/f-securen-turva-wifi-myyntiin/

    More: https://fi.safeandsavvy.f-secure.com/2017/05/18/f-secure-sense-on-verkottuneen-kodin-puuttuva-palanen/

  8. Tomi Engdahl says:

    Internet hygiene still stinks despite botnet and ransomware flood
    Millions of must-be-firewalled services sitting wide open
    https://www.theregister.co.uk/2017/06/14/rapid7_device_scanning_audit/

    Network security has improved little over the last 12 months – millions of vulnerable devices are still exposed on the open internet, leaving them defenceless to the next big malware attack.

    A follow-up audit by Rapid7 – the firm behind the Metasploit pen-testing tool – found that more than a million endpoints were confirmed as exposing Microsoft file sharing services (Server Message Block, TCP port 445). The majority (800,000) of these systems were on Windows, leaving a target-rich environment for WannaCrypt, the ransomware worm that infected many NHS hospitals and enterprise targets worldwide last month. The SMB SYN scan results increased by 17 per cent this year compared to the same audit last year (4.7 million to 5.5 million nodes).

    SYN scanning for Telnet in 2017 returned just under 10 million responsive nodes, compared to 2016’s scan results of over 14.8 million. This 33 per cent drop in apparent Telnet services can almost certainly be pinned on a response to Mirai, BrickerBot, and other botnets. Mirai was responsible for a DDoS attack on DNS provider Dyn last October that left scores of high-profile websites unreachable for hours as domain lookup queries failed to resolve.

    “Server ransomware, ransomworm propagation, insecure Internet of Things, and dozens more headlines reminded us, almost monthly, that the internet is, indeed, a fragile ecosystem that needs deliberate care and attention,”

  9. Tomi Engdahl says:

    It’s 2017 and someone’s probably still using WINS naming. If so, stop
    Microsoft’s NetBIOS naming is vulnerable: use DNS instead
    https://www.theregister.co.uk/2017/06/15/its_2017_and_someones_probably_still_using_wins_naming_if_so_stop/

    Sysadmins should already have purged WINS from their Microsoft Windows Server environments – but if they haven’t, there’s a new reason to take it for one last walk out behind the shed.

    Fortinet’s Honggang Ren says a WINS Server remote memory corruption vulnerability in the MS-proprietary name server isn’t going to get fixed, because Redmond would rather it weren’t used at all. Customers should have already replaced WINS with DNS.

    Ren writes that the malformed WINS packets are all that’s needed to trigger the bug.

    “This vulnerability exists because Windows Server doesn’t properly deal with multiple pending WINS-Replication sessions,” the post states.

    WINS Server Remote Memory Corruption Vulnerability in Microsoft Windows Server
    https://blog.fortinet.com/2017/06/14/wins-server-remote-memory-corruption-vulnerability-in-microsoft-windows-server

    This vulnerability affects Windows Server 2008, 2012, and 2016 versions. The vulnerability exists because a remote memory corruption is triggered when handling malformed WINS packets.

  10. Tomi Engdahl says:

    For $500, this site promises the power to track a phone and intercept its texts
    Paid access to a deeply insecure phone network
    https://www.theverge.com/2017/6/13/15794292/ss7-hack-dark-web-tap-phone-texts-cyber-crime

    For years, experts have warned of vulnerabilities in the network that routes phone calls and cellular service — but those attacks may be more widespread than anyone realized. For more than a year, a Tor Hidden Service has been offering ongoing access to telecom’s private SS7 network for as little as $500 a month. Combined with known vulnerabilities, that access could be used to intercept texts, track the location of an individual phone, or cut off cellular service entirely.

    Accessible on Tor at zkkc7e5rwvs4bpxm.onion, the “Interconnector” service offers a variety of services charged as monthly fees, including $250 to intercept calls or texts, $500 for full access, or $150 for cellphone reports (including location data and IMSI numbers). Well-heeled users can even pay $5,500 for direct access to the SS7 port, billed as “everything you need to start your own service.”

    Still, the offering is consistent with what we know about SS7 hacking. Unlike the internet, the SS7 network is a closed network, only meant to be accessed by a handful of telecom companies. As a result, there are few authentication systems in place once a user is on the network.

    The site’s manager, who goes by the name Interconnect0r, declined to say how she was able to maintain access, but said it did not present significant technical difficulties, despite regular intervention from phone companies. She also said many others were maintaining access to the SS7 network using similar methods.

    “It’s easier than you would think,” she told The Verge. “It’s difficult to wrap your mind around how [easy], unless you’ve got the right guidance, or stumble upon the right information.”

    Most of the vulnerabilities in SS7 have been known for years, although little has been done to fix them.

    In 2016, Nohl used the vulnerabilities to track the location of an iPhone belonging to Congressman Ted Lieu as part of a demonstration for CBS’s 60 Minutes.

  11. Tomi Engdahl says:

    Rambus’ Aharon Etengoff points to a survey that says nearly half of U.S. companies using an IoT network have been hit by a recent security breach, and the significant cost of those breaches.

    U.S. firms confirm IoT security breaches
    https://www.rambus.com/blogs/u-s-firms-confirm-iot-security-breaches/

    A new survey conducted by Altman Vilandrie & Company confirms that nearly half of U.S. firms using an Internet of Things (IoT) network have been hit by a recent security breach. According to the strategy consulting group, anything with an Internet connection can be hacked, creating serious financial and legal exposure for companies and safety concerns for workers and consumers.

    “While traditional cybersecurity has grabbed the nation’s attention, IoT security has been somewhat under the radar, even for some companies that have a lot to lose through a breach,” says Altman Vilandrie & Company Director Stefan Bewley, who co-directed the survey.

    “IoT attacks expose companies to the loss of data and services and can render connected devices dangerous to customers, employees and the public at large. The potential vulnerabilities for firms of all sizes will continue to grow as more devices become Internet dependent.”

    Survey: Nearly Half of U.S. Firms Using Internet of Things Hit By Security Breaches
    http://www.businesswire.com/news/home/20170601006165/en/Survey-U.S.-Firms-Internet-Hit-Security-Breaches/?feedref=JjAwJuNHiystnCoBq_hl-Q-tiwWZwkcswR1UZtV7eGe24xL9TZOyQUMS3J72mJlQ7fxFuNFTHSunhvli30RlBNXya2izy9YOgHlBiZQk2LOzmn6JePCpHPCiYGaEx4DL1Rq8p

    Other key findings of the survey include:

    Sixty-eight percent of respondents think about IoT security as a distinct category; yet only 43% have a standalone budget.
    Despite the fact that separate business units may have different needs, 74% of firms centralize IoT security decisions for the entire organization.
    After “preventing loss of control over IoT devices”, traditional cybersecurity concerns such as “preventing breaches of customer information” and “preventing breaches of company data” are ranked as the next most important reasons to adopt IoT security.

  12. Tomi Engdahl says:

    State of Cyber Security 2017
    LEARN ABOUT THE ISSUES, TRENDS AND CHALLENGES FACING CYBER PROFESSIONALS
    https://cybersecurity.isaca.org/state-of-cybersecurity#

    For the third year in a row, ISACA has surveyed security leaders worldwide to determine their insights and experiences with key cyber security issues, ranging from workforce challenges and opportunities to the emerging threat landscape.

  13. Tomi Engdahl says:

    Natasha Lomas / TechCrunch:
    Facebook’s implementation of Safety Check is poor, inviting unnecessary worry about unaffected users who don’t mark themselves as “safe”

    Facebook’s Safety Check is a stress-inducing flip of social norms
    https://techcrunch.com/2017/06/14/facebooks-safety-check-is-a-stress-inducing-flip-of-social-norms/

    Facebook’s Safety Check feature was activated today, following news that a fire had engulfed a 24-storey block of flats in West London.

    Clearly this is a tragedy. But should Facebook be reacting to a tragedy by sending push alerts — including to users who are miles away from the building in question?

    Is that helpful? Or does it risk generating more stress than it is apparently supposed to relieve…

    Being six miles away from a burning building in a city with a population of circa 8.5 million should not be a cause for worry — yet Facebook is actively encouraging users to worry by using emotive language (“your friends”) to nudge a public declaration of individual safety.

    And if someone doesn’t take action to “mark themselves safe”, as Facebook puts it, they risk their friends thinking they are somehow — against all rational odds — caught up in the tragic incident.

    Those same friends would likely not have even thought to consider there was any risk prior to the existence of the Facebook feature.

    This is the paradoxical panic of ‘Safety Check’.

    Here’s the bottom line: London is a very large city. A blaze in a tower block is terrible, terrible news. It is also very, very unlikely to involve anyone who does not live in the building. Yet Facebook’s Safety Check algorithm is apparently unable to make anything approaching a sane assessment of relative risk.

    To compound matters, the company’s reliance on its own demonstrably unreliable geolocation technology to determine who gets a Safety Check prompt results in it spamming users who live hundreds of miles away — in totally different towns and cities (even apparently in different countries) — pointlessly pushing them to push a Safety Check button.

    As Tausif Noor has written, in an excellent essay on the collateral societal damage of a platform controlling whether we think our friends are safe or not, by “explicitly and institutionally entering into life-and-death matters, Facebook takes on new responsibilities for responding to them appropriately”.

    Safety in Numbers
    http://reallifemag.com/safety-in-numbers/

    Facebook’s Safety Check prompts us to relate to global crises mainly on individualistic terms

  14. Tomi Engdahl says:

    Josh Constine / TechCrunch:
    Facebook requests input on hard questions about censorship, such as removing false news, and plans to begin explaining how it’s addressing each question — How should Facebook decide what’s allowed on its social network, and how to balance safety and truth with diverse opinions and cultural norms?

    Facebook requests input on hard questions about censorship and terrorism
    https://techcrunch.com/2017/06/15/facebook-censorship-terrorism/

    How should Facebook decide what’s allowed on its social network, and how to balance safety and truth with diverse opinions and cultural norms? Facebook wants your feedback on the toughest issues it’s grappling with

    Facebook’s plan is to publish blog posts examining its logic around each of these questions, starting later today with one about responding to the spread of terrorism online, and how Facebook is attacking the problem.

    Facebook’s methods for combatting terrorism on its social network include:

    Image matching to prevent repeat uploads of banned terrorism content
    Language understanding via algorithms that lets Facebook identify text that supports terrorism and hunt down similar text.
    Removing terrorist clusters by looking for accounts connected to or similar to those removed for terrorism
    Detecting and blocking terrorist recidivism by identifying patterns indicating someone is re-signing up after being removed
    Cross-platform collaboration allows Facebook to take action against terrorists on Instagram and WhatsApp too
    Facebook employs thousands of moderators to review flagged content including emergency specialists for handling law enforcement requests, is hiring 3,000 more moderators, and staffs over 150 experts solely focused on countering terrorism
    Facebook partners with other tech companies like Twitter and YouTube to share fingerprints of terrorist content, it receives briefings for government agencies around the world, and supports programs for counterspeech and anti-extremism

    Facebook:
    Facebook details its process to fight terrorism: AI including image matching, increased human intervention to flag posts and remove accounts, partnerships, more — By Monika Bickert, Director of Global Policy Management, and Brian Fishman, Counterterrorism Policy Manager

    Hard Questions: How We Counter Terrorism
    https://newsroom.fb.com/news/2017/06/how-we-counter-terrorism/

    Reply
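The first item in the list above, image matching against fingerprints of already-banned content, is the technique most easily shown in code. The following is an added illustration, not Facebook's code (the company does not describe its algorithm in the post), using a simple 64-bit "average hash" perceptual fingerprint: an image is shrunk to 8x8, each cell becomes one bit (above or below the mean brightness), and a re-upload is flagged when its hash lies within a small Hamming distance of a stored fingerprint. The images, the threshold and the helper names are all constructed for the example.

```python
"""Perceptual-hash matching of re-uploaded images (added example, not Facebook's code)."""
from typing import List, Set

Image = List[List[int]]  # grayscale pixels 0..255, row-major, any size


def downsample(img: Image, size: int = 8) -> Image:
    """Shrink to size x size by averaging the pixels of each block."""
    h, w = len(img), len(img[0])
    out: Image = []
    for by in range(size):
        y0, y1 = by * h // size, max((by + 1) * h // size, by * h // size + 1)
        row = []
        for bx in range(size):
            x0, x1 = bx * w // size, max((bx + 1) * w // size, bx * w // size + 1)
            block = [img[y][x] for y in range(y0, y1) for x in range(x0, x1)]
            row.append(sum(block) // len(block))
        out.append(row)
    return out


def average_hash(img: Image) -> int:
    """64-bit fingerprint: bit = 1 where the 8x8 cell is brighter than the mean."""
    pixels = [p for row in downsample(img) for p in row]
    mean = sum(pixels) / len(pixels)
    h = 0
    for p in pixels:
        h = (h << 1) | (1 if p > mean else 0)
    return h


def hamming(a: int, b: int) -> int:
    """Number of differing bits between two fingerprints."""
    return bin(a ^ b).count("1")


class FingerprintIndex:
    """Set of fingerprints of banned images plus a near-duplicate check."""

    def __init__(self, threshold: int = 10) -> None:
        self.hashes: Set[int] = set()
        self.threshold = threshold  # constructed value; tune against false positives

    def add(self, img: Image) -> None:
        self.hashes.add(average_hash(img))

    def matches(self, img: Image) -> bool:
        h = average_hash(img)
        return any(hamming(h, known) <= self.threshold for known in self.hashes)


def make_image(size: int, bright: List[range]) -> Image:
    """Constructed 16x16 test image: 200 inside the bright rectangle, 50 elsewhere."""
    ys, xs = bright
    return [[200 if (y in ys and x in xs) else 50 for x in range(size)] for y in range(size)]


# Constructed sample inputs: a banned image, a re-encoded copy with a small
# 2x2 blob added (like a watermark), and an unrelated image.
ORIGINAL = make_image(16, [range(0, 8), range(0, 8)])
WATERMARKED = [row[:] for row in ORIGINAL]
for y in (8, 9):
    for x in (8, 9):
        WATERMARKED[y][x] = 200
DIFFERENT = make_image(16, [range(8, 16), range(8, 16)])


def demo() -> dict:
    """Returns the decisions the index makes for the constructed inputs."""
    index = FingerprintIndex()
    index.add(ORIGINAL)
    return {
        "watermarked_blocked": index.matches(WATERMARKED),  # True: 1 bit differs
        "different_blocked": index.matches(DIFFERENT),      # False: 32 bits differ
        "distance_watermarked": hamming(average_hash(ORIGINAL), average_hash(WATERMARKED)),
    }


if __name__ == "__main__":
    print(demo())
```

A detection pipeline like this catches re-uploads that survive re-encoding, resizing or small edits, but it cannot judge new content, which is why the post pairs it with human review; the threshold trades missed near-duplicates against false positives on visually similar but unrelated images.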
  15. Tomi Engdahl says:

    Fighting for holistic IT, OT security
    http://www.controleng.com/single-article/fighting-for-holistic-it-ot-security/77302b428b8487b5f6024df8004adce1.html

    Integrated cybersecurity solutions are still a long way off because of a lack of expertise and a lack of solutions that don’t address the integration between information technology (IT) and operations technology (OT) departments.

    Skills shortage

    Cybersecurity for industrial processes suffers partly due to a skills shortage and a lack of integrated information technology/operations technology (IT/OT) solutions. The reason for the cybersecurity deficiency is largely attributed to a general expertise shortage of skilled workforce. There were more than 209,000 unfilled cybersecurity jobs in the U.S. in 2016, up 75% from 2015, according to an article in Forbes. From a global perspective, the number is greater than one million. With the huge demand for cybersecurity professionals, even the world’s largest banks, energy companies, and governments can’t seem to find them.

    Forbes also found despite the high unmet demand for cybersecurity talent, the market for cybersecurity solutions is expected to continue its growth from $75 billion in 2015 to $170 billion by 2020. All sectors of the economy will have to find innovative ways to scale the expertise of their limited workforces to bring security to extensively connected systems, operations and networks. Innovative cyber tools must lead the way by automating learning of baseline behaviors, network monitoring, and cybersecurity management so few may do the work of many, for corporate and industrial control system (ICS) security.

    Siloed security

    While the staggering number of unfilled jobs mentioned in the Forbes article speaks for itself, technology is partially to blame for the cybersecurity deficiency companies and governments face today. This is especially true in non-enterprise sectors such as utilities, oil and gas, and industrial manufacturing.

    From an industrial and enterprise networking view, cybersecurity ended up addressed from two diverse perspectives. From either direction, cybersecurity has been shortsighted by an approach that limits the focus to the reach of each group’s network domains. The reason for this shortcoming is the industrial automation space (OT) and the enterprise software space (IT) are being forced to connect with one another in terms of solutions delivery, operations management and customer outreach, but security integration has not always followed suit.

    Automation, integration keys

    As the backbone of critical infrastructure, ICSs are ubiquitous in all industries including transportation, water/wastewater, energy to name a few.

    Threat management also needs to scale to endpoints throughout the industrial network—such as sensors, programmable logic controllers (PLCs), data loggers and human-machine interfaces (HMIs). Furthermore, as the use of desktops, laptops, tablets and smartphones has come into play, the reach of the ICS domain has grown rapidly. A solution that combines automated anomalous detection of ICS security issues, along with proactive threat remediation and containment, is required if security is to scale beyond the OT/IT divide.

    When it comes to cybersecurity, less attention needs to be paid to the categorization of OT vs. IT, and more on holistic integration between the two. Leaving ICS without highly-scalable, automated, real-time cybersecurity visibility means our largest industries and government services will continue to be vulnerable to cyber threats.

    Reply
  16. Tomi Engdahl says:

    Analyst Tempers IoT Chip Forecast
    http://www.eetimes.com/author.asp?section_id=40&doc_id=1331895&

    It’s still a huge market, but IC Insights sees slower revenue projections for government projections.

    There’s little doubt that the Internet of Things represents a massive opportunity for the semiconductor industry, though quantifying the size of that opportunity remains at best a work in progress.

    Market research firm IC Insights Inc. recently trimmed its long-term forecast for semiconductor sales driven by IoT, citing lower revenue projections for connected cities applications such as smart meters and infrastructure. The market research firm shaved nearly $1 billion off its 2020 IoT semiconductor forecast, saying it now expects the total to be about $31.1 billion.

    Reply
  17. Tomi Engdahl says:

    Mastermind of Lottery Fraud Will Tell How He Rigged Jackpots
    https://www.bloomberg.com/news/articles/2017-06-12/programmer-pleads-guilty-to-theft-in-lottery-rigging-scandal?

    Madison, Wis. (AP) — A lottery computer programmer will tell investigators how he was able to use his position to rig state jackpots for years and he and his brother will repay $3 million in prizes they improperly claimed, under a plea agreement released Monday.

    Prosecutors will seek a 25-year prison sentence for former Multi-State Lottery Association security director Eddie Tipton, the mastermind of a scheme that rocked the lottery industry. His brother, former Texas judge Tommy Tipton, is expected to face 75 days in jail.

    Wisconsin prosecutors released the agreement Monday after Eddie Tipton pleaded guilty to theft and computer crime charges in Madison.

    “Mr. Tipton’s actions defrauding the lottery were a gross violation of the public’s trust and confidence,”

    In his job at the Urbandale, Iowa-based association, Tipton wrote and installed code for software that picked random numbers for games sold by its member lotteries. Investigators say Tipton designed his code so that on three days of the year, he could predict winning numbers in some games. The Tiptons and friend Robert Rhodes bought winning numbers for drawings in Colorado, Wisconsin, Iowa, Kansas and Oklahoma between 2005 and 2011. Other associates were involved but haven’t faced charges.

    The conspiracy unraveled after Tipton was caught on surveillance video buying a winning $16.5 million ticket in December 2010 in Iowa that he, Rhodes and others unsuccessfully tried to claim.

    The investigation started with a mystery in 2011. A newly created trust stepped forward hours before a one-year deadline to claim a $16.5 million jackpot. But it refused to tell the Iowa Lottery who purchased the ticket. Iowa declined to pay and launched a criminal investigation.

    The association, which fired Tipton after his arrest, faces lawsuits by players who claim they were cheated by Tipton’s rigging.

    Reply
  18. Tomi Engdahl says:

    This Artist Used a Computer Model of His Face to get a French National ID
    https://motherboard.vice.com/en_us/article/this-artist-used-a-computer-model-of-his-face-to-get-a-french-national-id-raphael-fabre

    “It’s about our relation to the image…and the power of fiction and technology.”

    In America, your driver’s license photo will be hideous. Just accept it, because it will be. Bad lighting plus the general awfulness of the DMV equals you looking dumpy.

    But in Europe, French artist Raphaël Fabre just proved that if you’re clever enough, you too can achieve the perfect ID photo. Like, say, an immaculate 3D rendering of your face.

    Fabre successfully applied for a French national ID card on April 7, 2017 using a computer generated 3D photo of himself. According to an update on his website, the Paris-based artist created the portrait using programs and techniques utilized for special effects in movies and video games, such as Blender and TurboSquid, which is a marketplace for 3D objects. He digitally sculpted a human head from what was essentially a cube before retouching the image in 2D.

    “It’s about our relation to the image, the limits of the human eye, or its poetic interpretation, and the power of fiction and technology. We are so surrounded by modified, digitalised image of bodies, and basically images of everything, that our world becomes a digital image in a way,” Fabre told me in an email.

    Fabre provided us with a receipt for the government-issued ID which seemed legitimate, though as his own art piece proves, any digital image can be faked with enough work.

    From a distance, it’s pretty uncanny valley. Zoomed in, however, you can see how Fabre’s hair and eyes are clearly digitally rendered.
    Still, the overall result is impressive.

    France’s rules for acquiring a national ID card are considerably more lax than America’s. Instead of getting your photo taken at the DMV (or their version of one), residents are allowed to produce their own portraits, so long as they comply with a list of parameters.

    As Fabre notes, his 3D portrait adheres to all of these requirements.

    Fabre’s clever stunt reinforces what we already know: with technologies that can fabricate our voice and even what we say on camera, we’re speeding towards a world where it’s increasingly difficult to tell what is real and what is fake.

    http://www.raphaelfabre.com/#cni

    Reply
  19. Tomi Engdahl says:

    Facebook has a solution to all the toxic dross on its site – wait, it’s not AI?
    No, it’s human janitors toiling away, cleaning up wads of hate and terror incitement
    https://www.theregister.co.uk/2017/06/16/zuckerberg_counters_terrorism_with_ai/

    Facebook is once again trying to scrub clean its public image after it was criticized for allowing extremism to spread on its social media platform.

    “Our stance is simple: There’s no place on Facebook for terrorism. We remove terrorists and posts that support terrorism whenever we become aware of them,” the company declared in a blog post on Thursday.

    “Although academic research finds that the radicalization of members of groups like ISIS and Al Qaeda primarily occurs offline, we know that the internet does play a role – and we don’t want Facebook to be used for any terrorist activity whatsoever,” it admitted.

    Facebook has good intentions, but its systems are not yet advanced enough to carry out the tasks

    Algorithms still have trouble understanding the broader context of what makes content harmful and if something should be considered terrorism or not.

    So for now, despite boasting about how its AI could solve its problems, Mark Zuckerberg’s empire will instead rely on human users to report harmful accounts and terrorist content. Over 150 people are employed by the California giant to focus on countering terrorism, we’re told.

    Reply
  20. Tomi Engdahl says:

    The Sense router, developed by F-Secure, will be on sale this week. Elisa says it is the first carrier partner to put the device on sale.

    Sense is a WLAN router that uses advanced security and cloud-based security to secure all home smart devices, F-Secure promises.

    The device will enter the market later. All in all, it was delayed for about one and a half years, Tekniikka & Talous told reporters earlier.

    “In addition to the security of computers and smartphones, we also want to offer our customers, for all the devices connected to the home network, a protection network against home network threats,” says Elisa’s business director Matias Castrén.

    “Sense is a missing piece of networked home that secures all devices in the wireless network.”

    Source: http://www.tivi.fi/Kaikki_uutiset/f-securen-ihmelaite-tulee-myyntiin-huomenna-kotien-puuttuva-palanen-6657743

    Reply
  21. Tomi Engdahl says:

    As new security risks continue to emerge, cloud security spending will grow to $3.5 billion by 2021
    http://www.zdnet.com/article/as-new-security-risks-continue-to-emerge-cloud-security-spending-will-grow-to-3-5-billion-by-2021/

    Forrester outlines the adjustments enterprises will need to make to their cloud security practices in the next five years.

    Cloud is a big business today, and it’s only going to keep growing.

    Forrester estimates that global cloud services revenues totaled $114 billion in 2016, up from $68 billion just two years ago — or annual growth of 30 percent. With the public cloud services market expected to reach $236 billion by 2020, what does this mean for cloud security?

    This rapid shift to the cloud raises new issues and challenges for security and risk professionals. Traditional perimeter-based security tools do little to protect cloud workloads.

    Cloud security solutions are quickly evolving to meet these challenges. Forrester’s newly published cloud security solutions forecast shows that we expect spending on global cloud security solutions to reach $3.5 billion by 2021 — an annual growth rate of 28 percent over the next five years. In the forecast, we examine four types of cloud security solutions: Cloud security gateways; centralized cloud security management; hypervisor security; and native infrastructure-as-a-service/platform-as-a-service security.

    Cloud security spending is growing rapidly and attracting vendor attention. Forrester estimated that total global spending on security software was $24 billion in 2016 and will grow 10 percent annually in 2017 and 2018.

    While businesses are increasingly embracing the cloud across several practices, security risks will also increase — as will spending — to minimize these risks. As businesses become more vulnerable and security solutions become more innovative, we are going to see their value skyrocket, because technology leaders will realize the impact they will have on their business.

    Reply
  22. Tomi Engdahl says:

    CIA has been hacking into Wi-Fi routers for years, leaked documents show
    The hacking tools target hundreds of models developed by dozens of router manufacturers.
    http://www.zdnet.com/article/cia-has-been-hacking-into-wi-fi-routers-for-years-leaked-documents-show/

    Leaked secret documents have revealed that the CIA has been targeting and compromising home, office, and public wireless routers for years in an effort to carry out clandestine surveillance.

    The documents, which could not be immediately verified, are part of an ongoing series of leaks released by the website WikiLeaks, revealing the work of the CIA’s elite hacking unit, dubbed the Engineering Development Group.

    One of the tools, dubbed CherryBlossom, allows the agency to monitor the internet activity of a target, redirect their browser, scan for email addresses and phone numbers, and other software exploits.

    Routers remain a prime target for intelligence agencies and hackers alike because they act as a central port of call for an entire network. What makes routers such an attractive target is that they are more often than not riddled with security flaws that make exploitation easy.

    It’s not clear if the implants are still working today or if they were retired.

    Reply
  23. Tomi Engdahl says:

    I favor strong cyber defense, but ‘hack back’ idea is cyber suicide
    http://thehill.com/blogs/congress-blog/technology/336053-i-favor-strong-cyber-defense-but-hack-back-idea-is-cyber

    There are plenty of bad ideas out there about cybersecurity, but to create a really, really bad idea we need Congressional involvement.

    Rep Tom Graves (R-Ga.) has reopened an old discussion of letting companies facing a cyber attack “shoot back” at hackers by mounting counter-attacks of their own. Right now, that’s illegal and I think it should stay that way.

    To start with, when shooting back, there’s the fundamental question of who to shoot. Notice that after any major cyber attack, it usually takes weeks to determine who’s responsible for it, and even those determinations are hedged with uncertainty. That’s because no single point of origination is apparent.

    Cyber attackers hit us from multiple computers in multiple countries. These computers belong to private companies, governments (including those friendly to the U.S.) and innocent individuals who don’t know their devices have been co-opted and who aren’t in league with the attackers. If we shoot back, the machines and data belonging to these people could be damaged. And the real attackers, hiding behind them, would be untouched.

    There is absolutely no way that we could mount a counter-offensive, get past the multiple co-opted computers that have attacked us, find the point of origin and hit—in whatever manner—the true bad guys who launched the attack.

    We might be able to retaliate, weeks or months after being attacked, but we certainly could not shoot back in time to stop an attack in progress. Attacks don’t happen that way.

    Furthermore, we don’t have enough cybersecurity experts to strike back. It’s estimated that today there are more than one million unfilled cybersecurity jobs, even with high pay and good benefits. Right now, we can’t meet current corporate and government hiring requirements for defenders. There are no spare cyber soldiers to staff an offensive army.

    Shooting back seems like an excellent opportunity to shoot ourselves in the foot, multiple times. You can’t legislate your way into a cyber strategy. Here’s a better idea: Drop the whole thing.

    Reply
  24. Tomi Engdahl says:

    Andy Greenberg / Wired:
    North Korea’s cyberattack strategy may seem erratic, but experts warn it can be effective at raising funds, creating chaos, and extending military aggression

    North Korea’s Sloppy, Chaotic Cyberattacks Also Make Perfect Sense
    https://www.wired.com/story/north-korea-cyberattacks

    North Korea is arguably the least-understood nation on the planet. And that also applies to its state-sponsored hackers whose global cyberattacks have been almost as erratic and inscrutable as the government they work for. They hide behind strange front groups and fake extortion schemes. They steal tens of millions of dollars, a kind of digital profiteering more common among organized criminals than government cyberspies. And they’re now believed to have launched WannaCry, the ransomware that sparked an indiscriminate global crisis, with almost no apparent benefit to themselves.

    But as tensions between the US and North Korea rise, cybersecurity and foreign affairs analysts watching the Hermit Kingdom’s hackers say that it would be unwise to write off Kim Jong-un’s digital army as irrational actors.

    Raising Lazarus

    This week, the DHS and FBI released a “technical alert,” warning that North Korean state actors called Hidden Cobra had targeted US organizations in the financial, aerospace, and media industries, along with critical infrastructure. The group’s expansive toolkit included botnet-based denial of service attacks that flooded victims’ websites with junk traffic, remote-access tools, keyloggers, and data-destroying malware. Even more significantly, the report revealed that the DHS and FBI believe Hidden Cobra is one and the same as Lazarus, a hacker operation the cybersecurity community has closely tracked for years, and strongly suspected of North Korean ties.

    While it seems evident that North Korea dictates Lazarus activity, it acts unlike any state-sponsored hacker group before it, with an erratic track record of theft and wanton disruption.

    But as arbitrary as those acts may seem, North Korea’s digital offensives actually make sense—at least for a fascist, isolated, sanctioned country that has few other options for self-preservation.

    “They are rational actors. But with sanctions and their status as a global pariah, they have little to lose from using this tool,”

    Reply
  25. Tomi Engdahl says:

    BBC:
    UK defense company BAE made large-scale sales of sophisticated cyber-surveillance tools to repressive governments across the Middle East

    How BAE sold cyber-surveillance tools to Arab states
    http://www.bbc.com/news/world-middle-east-40276568

    A year-long investigation by BBC Arabic and a Danish newspaper has uncovered evidence that the UK defence giant BAE Systems has made large-scale sales across the Middle East of sophisticated surveillance technology, including to many repressive governments.

    These sales have also included decryption software which could be used against the UK and its allies.

    While the sales are legal, human rights campaigners and cyber-security experts have expressed serious concerns these powerful tools could be used to spy on millions of people and thwart any signs of dissent.

    “You’d be able to intercept any internet traffic,” he said. “If you wanted to do a whole country, you could. You could pin-point people’s location based on cellular data. You could follow people around. They were quite far ahead with voice recognition. They were capable of decrypting stuff as well.”

    One early customer of the new system was the Tunisian government.

    Campaigners ‘vanished’

    As protests spread across the Arab world, social media became a key tool for organisers.

    Governments began shopping around for more sophisticated cyber-surveillance systems – opening up a lucrative new market for companies like BAE Systems.

    “It used to be that ‘the walls have ears’, but now it’s ‘smartphones have ears,’”

    “Surveillance will destroy people’s confidence in organising, expressing and sharing ideas, trying to create a political movement,” warns Gus Hosein of London-based Privacy International.

    All sales of Evident were made entirely legally under Danish government export licences, issued by the Danish Business Authority.

    Sales of Evident could also potentially have an impact on national security in the UK.

    “An Arab country wants to buy cryptanalysis equipment supposedly for its own law enforcement. They have embassies in London, Washington, Paris and Berlin.”

    ‘Unacceptable’

    Dutch MEP Marietje Schaake is one of the few European politicians prepared to discuss concerns about surveillance technology exports.

    She says European countries will ultimately pay a price for the compromises now being made.

    Reply
  26. Tomi Engdahl says:

    Dustin Volz / Reuters:
    House Freedom Caucus says it will oppose reauthorization of FISA law without “substantial reforms” to data collection, breaking with Trump and some senators

    Opposing Trump, conservative bloc demands reforms to internet spy law
    http://www.reuters.com/article/us-usa-intelligence-idUSKBN1962SR

    An influential conservative bloc of Republican lawmakers on Thursday said it opposed renewal of an internet surveillance law unless major changes were made in how the U.S. government collects and uses American data, reflecting disagreement within the majority party.

    Reply
  27. Tomi Engdahl says:

    Russian Cyber Hacks on U.S. Electoral System Far Wider Than Previously Known
    https://www.bloomberg.com/politics/articles/2017-06-13/russian-breach-of-39-states-threatens-future-u-s-elections

    Russia’s cyberattack on the U.S. electoral system before Donald Trump’s election was far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported.

    In Illinois, investigators found evidence that cyber intruders tried to delete or alter voter data.

    The scope and sophistication so concerned Obama administration officials that they took an unprecedented step — complaining directly to Moscow over a modern-day “red phone.”

    Russian officials have publicly denied any role in cyber attacks connected to the U.S. elections, including a massive “spear phishing” effort that compromised Hillary Clinton’s campaign and the Democratic National Committee, among hundreds of other groups.

    Reply
  28. Tomi Engdahl says:

    Ernesto / TorrentFreak:
    Top EU court rules that ISPs can be ordered to block The Pirate Bay and other torrent sites

    Pirate Bay Facilitates Piracy and Can Be Blocked, Top EU Court Rules
    By Ernesto on June 14, 2017
    https://torrentfreak.com/pirate-bay-facilitates-piracy-and-can-be-blocked-top-eu-court-rules-170614/

    Breaking

    Internet providers in Europe can be ordered to block access to The Pirate Bay, even though the site itself doesn’t store any infringing material. This is the conclusion of the EU Court of Justice in what has proven to be a landmark case. According to the Court, The Pirate Bay and similar sites commit an “act of communication” by helping their users to share infringing content.

    Reply
  29. Tomi Engdahl says:

    Telegram founder: U.S. intelligence agencies tried to bribe us to weaken encryption
    https://news.fastcompany.com/telegram-founder-us-intelligence-agencies-tried-to-bribe-us-to-weaken-encryption-4040876

    Pavel Durov, the Russian founder of the popular secure messaging app Telegram, has revealed in a series of tweets that U.S. intelligence agencies tried twice to bribe the company’s developers to weaken encryption in the app, presumably so it would be easier for the agencies to obtain communications sent via its users. Durov also says he was pressured by the FBI to do so.

    Reply
  30. Tomi Engdahl says:

    Revealed: Facebook exposed identities of moderators to suspected terrorists
    https://www.theguardian.com/technology/2017/jun/16/facebook-moderators-identity-exposed-terrorist-groups

    A security lapse that affected more than 1,000 workers forced one moderator into hiding – and he still lives in constant fear for his safety

    The security lapse affected more than 1,000 workers across 22 departments at Facebook who used the company’s moderation software to review and remove inappropriate content from the platform, including sexual material, hate speech and terrorist propaganda.

    A bug in the software, discovered late last year, resulted in the personal profiles of content moderators automatically appearing as notifications in the activity log of the Facebook groups, whose administrators were removed from the platform for breaching the terms of service. The personal details of Facebook moderators were then viewable to the remaining admins of the group.

    The Guardian spoke to one of the six, who did not wish to be named out of concern for his and his family’s safety.

    Facebook confirmed the security breach in a statement and said it had made technical changes to “better detect and prevent these types of issues from occurring”.

    “We care deeply about keeping everyone who works for Facebook safe,” a spokesman said. “As soon as we learned about the issue, we fixed it and began a thorough investigation to learn as much as possible about what happened.”

    Reply
  31. Tomi Engdahl says:

    Worried about election hacking? There’s a technology fix – Helios
    End-to-end encrypted, verifiable voting already in action
    https://www.theregister.co.uk/2017/06/16/worried_about_election_hacking_turns_out_theres_a_technology_fix/

    Election hacking is much in the news of late and there are fears that the Russians/rogue lefties/Bavarian illuminati et al are capable of falsifying results.

    For example, voters in the state of Georgia’s sixth district are going to the polls on Tuesday for a close-fought election, and serious doubts have been raised about the security of the voting systems used. Georgia uses electronic voting machines that don’t give a paper ballot, making recounts impossible, and security researcher Logan Lamb has doubts about their security. (This is, of course, amid evidence of Russian hackers targeting election boards and makers of voting software and hardware in the US.)

    While investigating the Kennesaw State University’s Center for Election Systems, which oversees Georgia’s voting system, Lamb found that the website was misconfigured, exposing the state’s entire voter registration record, multiple PDFs with instructions and passwords for election workers, and the software systems used to tally votes cast.

    “You could just go to the root of where they were hosting all the files and just download everything without logging in,” Lamb told Politico.

    Lamb is not alone – many in the security sphere have serious doubts about America’s headlong rush into electronic voting. After the 2000 election hanging chads fiasco, the government threw money at the states to upgrade their voting machines and many systems are hopelessly bad.

    Paper ballots have a number of advantages over electronic voting. They may be slower to count, but it’s much harder to falsify results because you need large numbers of ballots to be prepared by hand. Electronic voting is, in its current form, potentially hackable, but there are systems that combine electronic voting with encryption to give an election that can be checked, protects voting privacy, and allows for on-the-spot checks.
    The appliance of science

    At this year’s Enigma conference, Ben Adida, veep of engineering at educational software firm Clever, detailed a new kind of secure voting system called Helios – watch below.

    The system is fairly simple. Voters cast their ballot, which is then encrypted, and the voter is given a tracking number to keep. That number can be checked against an election tally system to ensure that the vote was cast as specified, while not compromising the privacy of the ballot.

    The system allows for parties to check that their supporters have voted and lets vote checkers examine results as they come in, while keeping the ballot secret. Adida said that the voting system is already in use for student council elections at Princeton University in New Jersey, where it proved its worth.

    The Helios software is all open source and is available for anyone to check up on or use. Adida told The Register that the system can scale to national elections, but that this was unlikely in the next election cycle.

    Reply
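A toy model of the Helios-style scheme described in the article above, added here as an example and not Helios's own code: ballots are encrypted with exponential ElGamal so the bulletin board can be tallied by multiplying ciphertexts, without decrypting any single ballot, and each voter keeps a tracker (a hash of their ciphertext) to confirm the ballot is on the board exactly as cast. The group parameters, voter names and votes are constructed; the zero-knowledge proofs of ballot validity and correct decryption that a real Helios election also posts are omitted.

```python
"""Toy model of Helios-style verifiable voting (constructed example, not Helios code)."""
import hashlib
import secrets

# Constructed toy group: P = 2*Q + 1 is a safe prime and G = 2**2 is a
# quadratic residue, so G generates the prime-order-Q subgroup.  Real
# elections use parameters of 2048 bits or more.
P = 2039
Q = 1019
G = 4


def keygen():
    """Election private key x and public key h = G^x mod P."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def encrypt_ballot(h, vote, r=None):
    """Exponential ElGamal: a yes/no vote v becomes (G^r, G^v * h^r).

    Encoding the vote in the exponent is what makes ciphertexts
    multiply into an encryption of the *sum* of the votes.
    """
    if vote not in (0, 1):
        raise ValueError("ballot must encode 0 (no) or 1 (yes)")
    if r is None:
        r = secrets.randbelow(Q - 1) + 1
    return (pow(G, r, P), pow(G, vote, P) * pow(h, r, P) % P)


def tracker(ciphertext):
    """Voter's receipt: a hash of the ciphertext.  It reveals nothing about
    the vote but pins down exactly what was posted to the board."""
    a, b = ciphertext
    return hashlib.sha256(f"{a}:{b}".encode()).hexdigest()[:16]


class BulletinBoard:
    """Public record of cast ballots; anyone can audit and tally it."""

    def __init__(self, h):
        self.h = h
        self.entries = []          # (voter_id, ciphertext, tracker)

    def cast(self, voter_id, vote):
        c = encrypt_ballot(self.h, vote)
        t = tracker(c)
        self.entries.append((voter_id, c, t))
        return t                   # handed to the voter to keep

    def is_recorded(self, voter_id, t):
        """Voter-side check: my ballot is on the board, unchanged."""
        return any(v == voter_id and tracker(c) == t
                   for v, c, _ in self.entries)

    def audit(self):
        """Observer-side check: every posted tracker matches its ciphertext."""
        return all(tracker(c) == t for _, c, t in self.entries)

    def homomorphic_tally(self):
        """Multiply all ciphertexts: an encryption of the vote total,
        obtained without decrypting anyone's individual ballot."""
        a, b = 1, 1
        for _, (ca, cb), _ in self.entries:
            a, b = a * ca % P, b * cb % P
        return (a, b)


def decrypt_tally(x, tally, max_votes):
    """Recover the yes-count s from (G^R, G^s * h^R) with the private key."""
    a, b = tally
    g_s = b * pow(pow(a, x, P), P - 2, P) % P      # divide out h^R = a^x
    for s in range(max_votes + 1):                  # small discrete log
        if pow(G, s, P) == g_s:
            return s
    raise ValueError("tally outside 0..max_votes; board is malformed")


def run_election(votes):
    """Cast the given votes, verify every receipt and return the yes-count."""
    x, h = keygen()
    board = BulletinBoard(h)
    receipts = [board.cast(f"voter{i}", v) for i, v in enumerate(votes)]
    if not all(board.is_recorded(f"voter{i}", t) for i, t in enumerate(receipts)):
        raise RuntimeError("a voter's receipt is missing from the board")
    if not board.audit():
        raise RuntimeError("board contains a tracker that does not match its ballot")
    return decrypt_tally(x, board.homomorphic_tally(), len(votes))


if __name__ == "__main__":
    print(run_election([1, 0, 1, 1, 0]))   # 3 yes votes
```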
  32. Tomi Engdahl says:

    Connectivity’s value is almost erased by the costs it can impose
    The internet made information flow on the cheap, but making it anti-fragile will cost plenty
    https://www.theregister.co.uk/2017/06/13/mark_pesce_column/

    The great advantage of a browser-based programming environment is that nothing gets lost – it’s all saved to the cloud as you type it in. But what happens when the link dies, or the cloud chokes?

    Which got me thinking about the increasingly fragile nature of our connected culture.

    Twenty-five years ago almost nothing was connected to the Internet. Today, many things are – at least some of the time – and it’s only when connected that they realise their full capacity. A smartphone shorn of network access cannot be an object of fascination. The network activates, piping intelligence into our toys, making them irresistible.

    That intelligence comes with some costs; the most obvious is our increasing dependency on that connection. People get lost on hikes as they fall out of mobile range and lose the mapping apps that keep them oriented. We’ve come to expect intelligence with us all the time. Losing connectivity is coming to feel like losing a bit of our mind.

    Another cost – and the bigger worry – is that this connected intelligence isn’t entirely benevolent. Every connection is a way into a device that may have something of value – credit card numbers, or passwords, or Bitcoins. The same intelligence that activates can also try to harvest that information, or even poison those devices, turning them against their owners.

    We’ve reached a very delicate point, where the value of connected intelligence is almost entirely countered by the costs it can impose. If things become just a little more hostile out there (with four billion people using the Internet, that’s pretty much assured) the scales could tip in favour of disconnection, isolation, and a descent into a kind of stupidity we haven’t seen in many years.

    There are no easy answers for any of this. It’s unreasonable to expect that businesses will turn the clock back on the productivity gains made from connectivity, but it’s equally unreasonable to assume any of those businesses are prepared for an onslaught of connected hostility.

    In this sort of high-pressure environment, where the wrong decision quickly becomes a fatal one, we have no choice but to evolve our responses, rapidly. It feels as though we got the benefits of connected intelligence for free; it’s only just now that we can see that bill is being presented – and it’s a whopper. We have to learn, keep learning, share what we’ve learned while putting it to work, learn from what others have shared, and keep doing this at an ever-increasing rate, forever.

    Reply
  33. Tomi Engdahl says:

    Facebook has a solution to all the toxic dross on its site – wait, it’s not AI?
    No, it’s human janitors toiling away, cleaning up wads of hate and terror incitement
    https://www.theregister.co.uk/2017/06/16/zuckerberg_counters_terrorism_with_ai/

    Reply
  34. Tomi Engdahl says:

    When we said don’t link to the article, Google, we meant DON’T LINK TO THE ARTICLE!
    One click, or two? How about no clicks, German court tells search company
    https://www.theregister.co.uk/2017/06/15/google_germany_right_to_be_forgotten_court_case/

    A German court has given Google a hearty slap over its grudging response to “right to be forgotten” laws, telling it that not linking to information means exactly that: not linking to information.

    The Higher Regional Court of Munich issued an injunction [PDF] against the search engine company, telling it not to forward takedown notices it receives to the Lumen database and then link to the resulting Lumen webpage in place of its original search result.

    Right now, every time Google receives a takedown request, it automatically forwards it to Lumen and then replaces its original link with text like: “As a reaction to a legal request that was sent to Google, we have removed one search result. You can find further information at LumenDatabase.org.”

    It links to the relevant Lumen webpage, which not only provides details about who requested that the search engine link be removed, but also has a link to the original webpage that was complained about.

    The end result of that approach is that it takes two clicks rather than one to reach a specific webpage – something that the court points out still enables people to find the information that Google had been told not to link to.

    Reply
  35. Tomi Engdahl says:

    Ben Schreckinger / Politico:
    Experts detail how Russia is targeting US military personnel and veterans via a multi-pronged cyber espionage campaign involving phishing, catfishing, and more

    How Russia Targets the U.S. Military
    http://www.politico.com/magazine/story/2017/06/12/how-russia-targets-the-us-military-215247

    With hacks, pro-Putin trolls and fake news, the Kremlin is ratcheting up its efforts to turn American servicemembers and veterans into a fifth column.

    In the fall of 2013, Veterans Today, a fringe American news site that also offers former service members help finding jobs and paying medical bills, struck up a new partnership. It began posting content from New Eastern Outlook, a geopolitical journal published by the government-chartered Russian Academy of Sciences, and running headlines like “Ukraine’s Ku Klux Klan — NATO’s New Ally.”

    In recent years, intelligence experts say, Russia has dramatically increased its “active measures” — a form of political warfare that includes disinformation, propaganda and compromising leaders with bribes and blackmail — against the United States. Thus far, congressional committees, law enforcement investigations and press scrutiny have focused on Kremlin leader Vladimir Putin’s successful efforts to disrupt the American political process.

    Reply
  36. Tomi Engdahl says:

    Amazon granted a patent that prevents in-store shoppers from online price checking
    Well, isn’t that ironic
    https://www.theverge.com/2017/6/15/15812986/amazon-patent-online-price-checking

    Amazon’s long been a go-to for people to online price compare while shopping at brick-and-mortars. Now, a new patent granted to the company could prevent people from doing just that inside Amazon’s own stores.

    The patent, titled “Physical Store Online Shopping Control,” details a mechanism where a retailer can intercept network requests like URLs and search terms that happen on its in-store Wi-Fi, then act upon them in various ways.

    The document details in great length how a retailer like Amazon would use this information to its benefit. If, for example, the retailer sees you’re trying to access a competitor’s website to price check an item, it could compare the requested content to what’s offered in-store and then send price comparison information or a coupon to your browser instead. Or it could suggest a complementary item, or even block content outright.

    Amazon’s patent also lets the retailer know your physical whereabouts, saying, “the location may be triangulated utilizing information received from a multitude of wireless access points.”

    Reply
  37. Tomi Engdahl says:

    Millions of Devices Remain Exposed via SMB, Telnet Ports: Rapid7
    http://www.securityweek.com/millions-devices-remain-exposed-smb-telnet-ports-rapid7

    Despite being exploited in widespread malicious attacks, SMB, telnet, RDP, and other types of improperly exposed ports continue to put both enterprises and consumers at risk, a new Rapid7 report reveals.

    Focused on providing an overview of the regional exposure to help Internet service providers (ISPs) worldwide address existing issues, Rapid7’s second National Exposure Index report (PDF) provides information on improperly exposed services and ports rendering systems and user data vulnerable to attacks. It includes data gathered through scanning the web for exposed services, including encrypted and unencrypted protocols, or those meant for public use.

    Two of the improperly secured services that continue to make computers vulnerable to attacks are Server Message Block (SMB) and telnet. The former was recently associated with the massive WannaCry outbreak that hit over 160 countries, while the latter has been exploited by Internet of Things botnets such as Mirai, Persirai, or Hajime.

    Apparently, there are 5.5 million machines with SMB port exposed, up from 4.7 million prior to May 2017, when WannaCry emerged.

    Of the total endpoints exposing Microsoft file-sharing services (SMB, TCP port 445), 800,000 of them are confirmed Windows systems, Rapid7 says.

    According to Shodan founder John Matherly, over 2 million machines with SMB appear in the device search engine, and most of them (90%) run SMB version 1. He also notes that, while Windows devices running SMB should have been already patched, given that Microsoft released security updates even for unsupported platform iterations, tens of thousands continue to be vulnerable.

    Things aren’t better when it comes to devices with exposed telnet (port 23), as there are just under 10 million such devices out there at the moment. Granted, this is a great improvement when compared to the 14.8 million exposed devices discovered last year, but it also means that millions of devices can still fall victim to malware such as distributed denial of service (DDoS) botnets.

    However, there are other inappropriate services exposed to the Internet as well, including FTP (port 21), RDP (port 3389), PPTP (port 1723), rpcbind (port 111), MySQL (port 3306), and more. Overall, Rapid7’s scan for these inappropriate services revealed over 90 million nodes.

    The report also points out that there are a series of services that have been specifically designed for public use, thus are expected to be exposed to the Internet, although some of them aren’t encrypted, such as HTTP. Many of these, however, are encrypted-by-default, including HTTPS, SSH, IMAPS, POP3S, SMTPS, and FTPS.

    “Server ransomware, ransomworm propagation, insecure Internet of Things, and dozens more headlines reminded us, almost monthly, that the internet is, indeed, a fragile ecosystem that needs deliberate care and attention. Being mindful of both what your organization deploys and how those services are deployed and maintained can have a significant impact on the health of the entire internet,” the company concludes.

    https://information.rapid7.com/rs/495-KNT-277/images/rapid7%20national%20exposure%20index%20final.pdf

    Reply
  38. Tomi Engdahl says:

    Teen girl who texted boyfriend to kill himself guilty of manslaughter
    Michelle Carter responsible for beau’s suicide, decides court
    https://www.theregister.co.uk/2017/06/16/texting_teen_guilty_of_manslaughter/

    The teenager who repeatedly urged and encouraged her boyfriend to kill himself with hundreds of text messages has been found guilty of involuntary manslaughter.

    Michelle Carter, now 20, was 17 when she spent several months pushing 18-year-old Conrad Roy – who she referred to as her boyfriend – to commit suicide.

    Most shockingly, the court heard that when Roy backed out of his plan and left his truck – in which he was running a gasoline-operated water pump in order to choke on the truck’s fumes – and texted Carter saying he was “scared,” she texted him back and told him to “get back in.”

    Carter later texted a friend and told her she was “talking on the phone with him when he killed himself … I heard him die.”

    Reply
  39. Tomi Engdahl says:

    Firm Responsible For Mirai-Infected Webcams Hires Software Firm To Make Its Products More Secure
    https://it.slashdot.org/story/17/06/16/2151221/firm-responsible-for-mirai-infected-webcams-hires-software-firm-to-make-its-products-more-secure

    After seeding the globe with hackable DVRs and webcams, Zhejiang Dahua Technology Co., Ltd. of Hangzhou, China will be working with the U.S. firm Synopsys to “enhance the security of its Internet of Things (IoT) devices and solutions.” Dahua, based in Hangzhou, China said it will work with Mountain View-based Synopsys to “enhance the security of its Internet of Things (IoT) devices and solutions.” In a joint statement, the companies said Dahua will be adopting secure “software development life cycle (SDLC) and supply chain” practices using Synopsys technologies in an effort to reduce the number of “vulnerabilities that can jeopardize our products,”

    Firm That Made Mirai-Infected Webcams Gets Security Religion
    https://securityledger.com/2017/06/firm-that-made-mirai-infected-webcams-gets-security-religion/

    In-brief: After seeding the globe with hackable DVRs and webcams, Zhejiang Dahua Technology Co., Ltd. of Hangzhou, China will be working with the U.S. firm Synopsys to “enhance the security of its Internet of Things (IoT) devices and solutions.”

    The surveillance camera maker whose name became synonymous with insecure, connected devices after its cameras formed the backbone of the Mirai botnet has hired a top secure software development and testing firm to make its products less prone to hacking.

    Dahua’s cameras and digital video recorders (DVRs) figured prominently in the Mirai botnet, which launched massive denial of service attacks against websites in Europe and the U.S., including the French web hosting firm OVH, security news site Krebsonsecurity.com and the New Hampshire based managed DNS provider Dyn. Cybercriminals behind the botnet apparently exploited an overflow vulnerability in the web interface for cameras and DVRs to gain access to the underlying Linux operating system and install the Mirai software, according to research by the firm Level3.

    Reply
  40. Tomi Engdahl says:

    You Can Hack Some Mazda Cars With a USB Flash Drive
    https://it.slashdot.org/story/17/06/16/2222215/you-can-hack-some-mazda-cars-with-a-usb-flash-drive

    “Mazda cars with next-gen Mazda MZD Connect infotainment systems can be hacked just by plugging in a USB flash drive into their dashboard, thanks to a series of bugs that have been known for at least three years,” reports Bleeping Computer.

    You Can Hack Some Mazda Cars with a USB Flash Drive
    https://www.bleepingcomputer.com/news/security/you-can-hack-some-mazda-cars-with-a-usb-flash-drive/

    EXCLUSIVE — Mazda cars with next-gen Mazda MZD Connect infotainment systems can be hacked just by plugging in a USB flash drive into their dashboard, thanks to a series of bugs that have been known for at least three years.

    The issues have been discovered and explored by the users of the Mazda3Revolution forum back in May 2014. Since then, the Mazda car owner community has been using these “hacks” to customize their cars’ infotainment system to tweak settings and install new apps. One of the most well-designed tools is MZD-AIO-TI (MZD All In One Tweaks Installer).

    The knowledge shared through these two projects has been the base of mazda_getInfo, a project put together by Bugcrowd application security engineer Jay Turla, which automates Mazda car hacks.

    Research started out as a curiosity

    Turla’s mazda_getInfo, which he open sourced on GitHub last week, allows anyone to copy a collection of scripts on their USB flash drive, insert it into their car’s dashboard, and execute malicious code on the car’s MZD Connect firmware.

    During his tests, Turla executed simple attacks like printing text on the car’s dashboard or echoing terminal commands. Since MZD Connect is a *NIX-based system, anyone can create scripts and execute more intrusive attacks.

    “No need for a user interaction, you just need to insert the USB flash drive in the USB port of your car,” the researcher told Bleeping Computer. “Imagine an autoplay feature on Windows which executes a script directly.”

    USB attack loophole closed in recent firmware update

    All of this is possible because the bugs allow users to execute unauthorized code on their infotainment unit, which in infosec terms means “anything goes,” if the attacker has the skill and knowledge to write the proper code.

    According to the MZD-AIO-TI project, the USB code execution flaws have been fixed with MZD Connect firmware version 59.00.502, released last month. Cars that have not been updated to this version are most likely open to attacks, albeit there are no reports of this issue being abused in any other way except to tweak infotainment dashboards.

    Reply
  41. Tomi Engdahl says:

    Matthew Leising / Bloomberg:
    Inside the DAO, an Ethereum crowdfunding project, the flaw that let a still unknown hacker steal $55M in ether, and the effort to save the DAO project
    https://www.bloomberg.com/features/2017-the-ether-thief/

    Reply
  42. Tomi Engdahl says:

    Alex Kantrowitz / BuzzFeed:
    Analysis: at least 45 instances of violence, including rapes, murders, and suicides, have been broadcast via Facebook Live since its debut in December 2015

    Violence On Facebook Live Is Worse Than You Thought
    https://www.buzzfeed.com/alexkantrowitz/heres-how-bad-facebook-lives-violence-problem-is?utm_term=.xb3B1b0NPo#.rleenkDQKy

    According to a new BuzzFeed News analysis, Facebook Live has a violence problem far greater than the one portrayed in national headlines.

    Reply
  43. Tomi Engdahl says:

    Hacker Admits Stealing Satellite Data from DoD
    http://www.securityweek.com/hacker-admits-stealing-satellite-data-dod

    A British man from Sutton Coldfield on Thursday pleaded guilty to stealing user accounts from a U.S. military communications system, the UK’s National Crime Agency (NCA) announced.

    Sean Caffrey, 25, admitted in court to accessing and stealing information pertaining to 800 users of a satellite communications system, including ranks, usernames and email addresses. Moreover, he stole information associated with 30,000 satellite phones, NCA says.

    Caffrey pleaded guilty on Thursday at Birmingham Crown Court to an offense under the Computer Misuse Act: “Causing a computer to perform a function to secure unauthorized access to a program or data.”

    Hacker stole satellite data from US Department of Defence
    https://public-newsroom-nca-01.azurewebsites.net/news/hacker-stole-satellite-data-from-us-department-of-defence

    A computer hacker has admitted stealing hundreds of user accounts from a US military communications system.

    Sean Caffrey, 25, of Sutton Coldfield, accessed and stole the ranks, usernames and email addresses of more than 800 users of a satellite communications system, as well as of about 30,000 satellite phones.

    He pleaded guilty at Birmingham Crown Court today to an offence under the Computer Misuse Act.

    Reply
  44. Tomi Engdahl says:

    Senators Say Cybersecurity Should be Top Priority for Autonomous Vehicles
    http://www.securityweek.com/senators-say-cybersecurity-should-be-top-priority-autonomous-vehicles

    The arrival of autonomous vehicles (AV, or self-driving vehicles) on the public highways is getting closer. Just this month (June 2017), Nutonomy announced a partnership with Lyft for R&D on its existing AV testing on the streets of Boston. Lyft announced yesterday that by 2025 it will provide “at least 1 billion rides per year using electric autonomous vehicles.” Also this week, Japanese robotics firm ZMP announced its plan to have an AV taxi on the streets of Tokyo in time for the 2020 Olympics. The need for AV regulation is pressing.

    The principles focus on safety, promoting innovation, tech-neutral legislation, clarification over federal and state responsibilities, public education, and — of course — cybersecurity. The last is minimal. The document states that cybersecurity must be included ‘from the very beginning of their development,’ and that “Legislation must address the connectivity of self-driving vehicles and potential cybersecurity vulnerabilities before they compromise safety.”

    Reply
  45. Tomi Engdahl says:

    Industrial Companies Targeted by Nigerian Cybercriminals
    http://www.securityweek.com/industrial-companies-targeted-nigerian-cybercriminals

    Industrial companies from around the world have been targeted in phishing attacks believed to have been launched by cybercriminals located in Nigeria, Kaspersky Lab reported on Thursday.

    Reply
  46. Tomi Engdahl says:

    Industry Reactions to ‘CrashOverride’ Malware: Feedback Friday
    http://www.securityweek.com/industry-reactions-crashoverride-malware-feedback-friday

    ESET and Dragos this week published reports detailing a sophisticated piece of malware believed to have been used in the December 2016 attack aimed at Ukraine’s power grid.

    Dubbed Industroyer and CrashOverride, this modular malware has several components: a backdoor, a launcher, a data wiper, DoS and port scanner tools, and at least four payloads.

    The payloads allow the malware’s operators to control electric circuit breakers via industrial communication protocols, which suggests that at least some of the malware’s developers have a deep understanding of power grid operations and industrial network communications.

    Researchers described some theoretical attack scenarios involving this malware and warned that the threat could be adapted for attacks on other countries, including the U.S., and other sectors.

    ‘Industroyer’ ICS Malware Linked to Ukraine Power Grid Attack
    http://www.securityweek.com/industroyer-ics-malware-linked-ukraine-power-grid-attack

    Reply
  47. Tomi Engdahl says:

    An encrypted bandwidth-efficient backup tool
    http://linux.softpedia.com/get/System/Backup/Duplicity-12100.shtml

    Duplicity is open source software that uses the rsync algorithm to back up directories and produce encrypted tar-format volumes.

    Duplicity is able to upload the backups to a local or remote file server, and it also includes the rdiffdir utility.

    Reply
  48. Tomi Engdahl says:

    European Parliament Committee Endorses End-To-End Encryption
    https://it.slashdot.org/story/17/06/17/1725210/european-parliament-committee-endorses-end-to-end-encryption

    The civil liberties committee of the European Parliament has released a draft proposal “in direct contrast to the increasingly loud voices around the world to introduce regulations or weaken encryption,”

    The draft recommends a regulation that will enforce end-to-end encryption on all communications to protect European Union citizens’ fundamental privacy rights. The committee also recommended a ban on backdoors. Article 7 of the E.U.’s Charter of Fundamental Rights says that E.U. citizens have a right to personal privacy, as well as privacy in their family life and at home. According to the EP committee, the privacy of communications between individuals is also an important dimension of this right…

    European Parliament Committee Recommends End-To-End Encryption For All Electronic Communications
    http://www.tomshardware.com/news/european-parliament-end-to-end-encryption-communications,34809.html

    The European Parliament’s (EP’s) Committee on Civil Liberties, Justice, and Home Affairs released a draft proposal for a new Regulation on Privacy and Electronic Communications. The draft recommends a regulation that will enforce end-to-end encryption on all communications to protect European Union citizens’ fundamental privacy rights. The committee also recommended a ban on backdoors.

    Enforcement Of EU’s Charter Of Fundamental Rights

    Article 7 of the E.U.’s Charter of Fundamental Rights says that E.U. citizens have a right to personal privacy, as well as privacy in their family life and at home. According to the EP committee, the privacy of communications between individuals is also an important dimension of this right.

    Reply
  49. Tomi Engdahl says:

    Ask Slashdot: How Do You Prepare For The Theft Of Your PC?
    https://ask.slashdot.org/story/17/06/17/1756243/ask-slashdot-how-do-you-prepare-for-the-theft-of-your-pc

    A security-conscious Slashdot reader has theft insurance — but worries whether it covers PC theft. And besides the hassles of recreating every customization after restoring from backups, there’s also the issue of keeping personal data private.

    There are a couple of issues here — including privacy, data recovery, deterrence, compensation — each leading to different ways to answer the question: what can you actually do to prepare for the possibility?

    Comments:

    If you have an SSD, and want to add a HDD, and just want to keep it in sync periodically, and you’re running Linux… consider checking out MD raid1 using “write-mostly” on the HDD. For example: http://tansi.info/hybrid/ [tansi.info]
    Using that, almost all reads will go to the SSD, and writes will go to both. It was originally added for mirroring over a (slow) network interface, which you could also add as a 3rd mirror if you prefer.

    Before someone else says it, a mirror is not a backup. If you, or someone else using your computer, or through some program error, or through a virus/bug/etc, delete data, that deletion will sync to the mirror as quickly as you have it set to do so and you won’t have a copy of it, unless you add some form of versioning or backup.

    I’m sure everyone has their own preferences,

    I’d recommend adding redundancy and backups in the following order of priority:

    1. Offsite backup your most precious files. There are a TON of solutions for this. You can keep your file list short and limit it to small-ish files (ie. don’t back up your DVD collection in this backup set, even if you consider it important). Possible solutions would include dropbox, crashplan, google drive, sync.com, spideroak, tresorit, mega, etc.

    2. Local redundancy/mirror. This is the bit you’re talking about. If I lose a drive due to hardware failure, I want to keep going ASAP, and this is the best way to do that. Just make sure you test it and can move over to it and back.

    3. Local large/full backups. These can go to an external drive or two.

    4. Offsite those full backups. Use multiple external drives. Take at least one offsite periodically. Take it to work, or a friend’s place, or a storage facility, or safe deposit box.

    FWIW, crashplan can be used for all but #2 above.
    It’s free to back up to a local drive, or to another computer of your own (or friend/family/work).

    Insurance will cover the cost of replacing the hardware, backups take care of recovering the data, just make sure the backups don’t get stolen/destroyed with the machine.

    If the thief can’t power the machine on due to a password they will either throw it away, or sell it cheap to someone more capable of dealing with it who will either wipe the data and install fresh or just sell the individual components.

    My experience with homeowners’ insurance is that once the deductible is met, the amount paid per item is usually *way* more than the amount you could have conceivably sold it for on eBay. You might not walk away with a brand new item for free (if the item is more than a year old), but unless you’re broke & living paycheck to paycheck, you’ll walk away from the transaction feeling like you got an even better deal than the thief.

    For privacy, the simplest and most helpful thing to do is use full-disk encryption for your hard drive. This will significantly increase the amount of effort required to access your data and any online accounts (e.g. bank accounts).

    For data, I just store all of my sensitive data on the cloud (e.g. tax returns, personal documents). If you have large amounts of important data such as photos, you may have to pay a monthly fee for good cloud storage. But it’s definitely worth it. There are many, many other things that can go wrong besides theft that can cause data loss.

    It’s also good to practice good online account security (e.g. using 2-factor authentication), and make sure to reset all of your critical passwords in the event of theft of a computer.

    My laptop is bitlocker encrypted. All my stuff is synced to a several hundred MB Seafile library. Modern Windows with online accounts takes care of backing up customisations quite well too. A lot of open source apps especially store customisations in a file, they are in a Seafile library.

    The only thing I’ll lose if someone steals my laptop is the $200 insurance cost and a few hours of my time reinstalling a few programs.

    Reply
  50. Tomi Engdahl says:

    It’s 2017, and UPnP is helping black-hats run banking malware
    Pinkslipbot malware copies Conficker for C&C channel
    https://www.theregister.co.uk/2017/06/19/pinkslipbot_returns_withupnp_malware_attack/

    Another banking malware variant has been spotted in the wild, and it’s using UPnP to pop home routers to expose unsuspecting home users, recruited as part of the botnet.

    McAfee Labs says the new campaign uses a variant of the ancient “Pinkslipbot”, and says it uses Universal Plug’n’Play (UPnP) to open ports through home routers, “allowing incoming connections from anyone on the Internet to communicate with the infected machine”.

    As with any credential-harvesting botnet, the malware needs to get its booty back to the botmasters without exposing them, and this is where the UPnP exploit comes in.

    In the current Pinkslipbot campaign, UPnP merely provides the path to the targets: infect machines that provide HTTPS servers from IP addresses listed in the malware (McAfee’s Sanchit Karve writes that it’s the first time the company’s seen HTTPS-based C&C servers).

    Reply
