Pete recommends – weekly highlights on cyber security issues – March 11 2018

Pete’s note: In many of the articles that I abstract, I’ll annotate some information about RSS at the end.  To learn more about the value of RSS, please see this article in beSpacific: https://www.llrx.com/2016/12/what-is-rss-and-how-to-use-it-effectively/

Some more articles on RSS Newsfeeds from LLRX: legal-technology/rss-newsfeeds/

All topics aka Subjects aka Category in beSpacific and LLRX each have their own RSS feed.

If you were interested in subscribing to the LLRX Subject Cyberlaw, you could add this to your RSS newsreader: legal-research/united-states-law/cyberlaw/feed/


Subject: Check In to Your Hotel Room, Then Check It Out for Safety – NerdWallet
Source: Nerd Wallet
https://www.nerdwallet.com/blog/credit-cards/6-things-to-check-as-soon-as-you-walk-into-your-hotel-room/

Fans of Bravo’s “The Real Housewives of Beverly Hills” are familiar with actress Lisa Rinna’s routine when she checks into a hotel room: She immediately rubs antibacterial wipes all over the hotel phone, air conditioning unit and other commonly touched areas, in an effort to stay germ-free. While that habit might take care of surface microbes, travel experts warn that there is a whole host of other potential dangers lurking in hotel rooms that also deserve your immediate attention. You might not always find something amiss, but running through this checklist will help you feel safe and secure while you’re on the road.


Subject: I Wanna Go Fast: Why Searching Through 500M Pwned Passwords Is So Quick
Source: Troy Hunt blog
https://www.troyhunt.com/i-wanna-go-fast-why-searching-through-500m-pwned-passwords-is-so-quick/

In the immortal words of Ricky Bobby, I wanna go fast <https://www.youtube.com/watch?v=_qJGsSuFRIg>. When I launched Pwned Passwords V2 last week <https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/>, I made it fast – /real fast/ – and I want to talk briefly here about why that was important, how I did it and then how I’ve since shaved another 56% off the load time for requests that hit the origin. And a bunch of other cool perf stuff while I’m here.

Why Speed Matters for Pwned Passwords

Firstly, read the previous post about k-Anonymity and protecting the privacy of passwords to save me repeating it all here. I’ve been amazed at how quickly this has been adopted since I pushed it out very early on Thursday morning my time. Perhaps most notably is 1Password’s use of the service <https://blog.agilebits.com/2018/02/22/finding-pwned-passwords-with-1password/> having pushed out integration within 27 hours. They had no prior notice of this either, they just got down to business and did it as soon as I launched.

NB blog RSS feed: https://www.troyhunt.com/rss/


Subject: DHS To Put First Responder Tech to the Test
Source: Nextgov
https://www.nextgov.com/emerging-tech/2018/03/dhs-put-first-responder-tech-test/146377/

Can commercial tech hold up in a mock disaster? The agency’s Science and Technology Directorate wants to find out. The Homeland Security Department is looking for ways emerging technologies can keep first responders better connected when disaster strikes. The DHS Science and Technology Directorate on Wednesday opened applications for the agency’s Harris County Operational Experimentation, a chance for groups to prove their technology’s worth in improving safety and effectiveness of firemen, paramedics and other rescue workers on the ground. The experimentation comes as part of the agency’s broader Next Generation First Responder initiative. The program aims to find ways emerging tech can impact the work of Houston-area first responders and the Coast Guard, according to a statement from DHS S&T.

tagged:

* DHS <https://www.nextgov.com/topic/homeland-security-department/?oref=ng-article-topics>
* First Responder <https://www.nextgov.com/topic/first-responder/?oref=ng-article-topics>
* Internet of Things <https://www.nextgov.com/topic/ng-internet-of-things/?oref=ng-article-topics>


Subject: Millennials lost money to scams more often than their grandparents
Source: USA Today Money
https://www.usatoday.com/story/money/2018/03/04/millennials-lost-money-scams-more-often-than-their-grandparents-last-year/393424002/

Move over, grandma and grandpa. Your Millennial grand kids reported losing money to financial scams last year more often than you did, new government data shows. In all, 40% of Americans in their twenties who reported fraud in 2017 indicated they lost money to the schemes, the Federal Trade Commission said last week in its annual data book <https://www.ftc.gov/system/files/documents/reports/consumer-sentinel-network-data-book-2017/consumer_sentinel_data_book_2017.pdf> of consumer complaints.

The findings emerged from the first year in which the federal watchdog agency broke out consumer complaint data by age groups <https://www.ftc.gov/policy/reports/policy-reports/commission-staff-reports/consumer-sentinel-network-data-book-2017/frauds-losses-age-percentage>.

“While we received fewer overall complaints in 2017, consumers reported losing more money to fraud than they did the year before,” Tom Pahl, acting director of the FTC’s Bureau of Consumer Protection, said in a statement issued with the data. “This underscores the importance of the FTC’s work in educating consumers and cracking down on the scammers who try to take their money.”

[includes infographic]


Subject: Voice Control Is Coming to Every Nook and Cranny of Your Home
Source: Consumer Reports
https://www.consumerreports.org/smart-home/voice-assistants-coming-to-every-room-of-home-ces-2018/

You talking to me? Alexa and Google Assistant are added to mirrors, smoke alarms, and more smart-home devices at CES 2018

The most private room in the house may not be so private anymore. At CES 2018, Kohler announced a line of connected kitchen and bath products called Kohler Konnect, all of which work with Alexa, Google Assistant, and Apple HomeKit for Siri.

The star of the lineup is Kohler’s Verdera Voice Lighted Mirror, which has microphones, speakers, and Amazon Alexa built in so it can answer questions (“What’s the weather today?”), adjust its lights by voice (“Turn on shaving mode”), and control other compatible devices around the house, including Kohler’s other connected products—no separate smart speaker required.

Kohler is just one of many manufacturers showing off products with Alexa or Google Assistant baked right in. Other brands include iDevices, First Alert, and GE Lighting.

“Voice is the new user interface, and we will see even more controllable devices in 2018 and 2019,” says Blake Kozak, a smart-home analyst with IHS.


Subject: Don’t Write Off Paper Bank Statements Just Yet
Source: Nerd Wallet
https://www.nerdwallet.com/blog/banking/dont-write-off-paper-bank-statements-just-yet/

Electronic bank statements have virtues — saving trees, keeping your desk uncluttered — but they also have a vice: They can be easy to forget.

You could instead get paper statements delivered by mail, an option that’s becoming less popular as technology gets better.

But Nessa Feddis, senior vice president for consumer protection and payments at the American Bankers Association, says they “won’t disappear entirely.”

Whatever form they take, these monthly records help you find errors; remind you of deadlines, in the case of bills; and spot fraudulent purchases. (If you see possible fraud on your statement, take these steps to protect your bank account <https://www.nerdwallet.com/blog/banking/bank-account-security/>.)

Here’s what you can expect from bank statements in the future and how to decide whether sticking with paper makes sense for you.

Other articles:
Banking <https://www.nerdwallet.com/blog/category/banking/>, Banking Basics <https://www.nerdwallet.com/blog/category/banking/banking-basics/>

RSS feed:
https://www.nerdwallet.com/blog/feed/


Subject: Georgetown Lawyers Sue NYPD to Reveal Its Secret Face Recognition Programs
Source: New York Daily News via Gizmodo
https://gizmodo.com/georgetown-lawyers-sue-nypd-to-reveal-its-secret-face-r-1823520159

Researchers at the Georgetown Center of Privacy and Technology have filed suit against the NYPD for more details on the department’s highly secretive face recognition program.

In 2016, the researchers sent Freedom of Information Act requests to the NYPD as they prepared to release the Perpetual Lineup <https://www.perpetuallineup.org/>, a landmark report by the university on law enforcement and face recognition technologies. But since 2016, the NYPD has alternately claimed it either couldn’t find any relevant records or that the records it did find were too sensitive to be released.

“The technology is not just a counterterrorism measure,” Clare Garvie, one of the Georgetown researchers suing for more information, told Gizmodo. Garvie co-authored “The Perpetual Lineup” and the 2017 follow-up focusing on face recognition in airports.


Subject: The Myth of the Hacker-Proof Voting Machine (Kim Zetter)
Source: The Risks Digest
http://catless.ncl.ac.uk/Risks/30/57/#subj12.1

“Mark E. Smith”
Tue, 27 Feb 2018 18:34:55 -0800

“This is an extraordinarily powerful tool if all you want to do is simply discredit democracy,” [Douglas W.] Jones says. “All you have to do is create the appearance of something having happened, even if it hasn’t happened.”

If the risk is that of discrediting democracy, our electoral system in and of itself serves that function already. As far as I can tell, that’s what US elections are designed to do: create the appearance of something having happened, such as systemic or institutional change, even when nothing has happened and the same big corporations are still financing both parties to continue the same political agenda as before.


Subject: Communication between the Senate and House Intelligence Committees has apparently broken down entirely
Source: Business Insider
http://www.businessinsider.com/angus-king-senate-house-intel-committees-communication-broken-down-2018-3

Rep. Devin Nunes chairs the House Intelligence Committee, which is mired in partisan infighting. According to a member of the Senate Intelligence Committee, the Senate body and its counterpart in the House have basically ceased working together on anything. The split comes after it was revealed that Republican members of the House Intelligence Committee had leaked the text messages of Senate committee Vice Chairman Mark Warner. The senator described the two committees, which used to work closely together, as being “worlds apart.”

Days after news broke that Republicans on the House Intelligence Committee had leaked Senate Intelligence Vice Chairman Sen. Mark Warner’s text messages to Fox News, a Senator on the Senate panel said relations between the two bodies had hit rock bottom.

“I would say there’s not much of a relationship at this point, to tell you the truth,” Sen. Angus King told host Chuck Todd on NBC’s “Meet the Press.” “We’re trying to just continue on on a bipartisan basis. You’ll notice there haven’t been all the memos and counter-memos and that kind of thing and there really isn’t that much of a relationship.”


Subject: Morgan Stanley is looking to staff up its stock-research unit with crypto talent
Source: Business Insider
http://www.businessinsider.com/morgan-stanley-is-looking-to-staff-up-its-stock-research-unit-with-crypto-talent-2018-3

Morgan Stanley is looking to add those with knowledge of the cryptocurrency world to its stock-research team. The bank’s chief executive has had a more positive view of bitcoin and crypto than other Wall Street heads have.

Morgan Stanley appears to be stepping up its game when it comes to cryptocurrency. The Wall Street giant’s three most recent job postings for equity-research positions on LinkedIn say “knowledge of cryptocurrency is a plus.” The associate/analyst positions are for three separate coverage areas including payments, communications equipment, and MLPs, or master limited partnerships. Equity analysts are the folks who study the fundamentals of companies in a given sector and then create research, which clients can use to help inform investment decisions.

Posted in: Blockchain, Congress, Cybercrime, Cybersecurity, Email Security, RSS Newsfeeds